]> Git — Sourcephile - sourcephile-nix.git/blob - hosts/mermet/fail2ban.nix
losurdo: docker: enable service
[sourcephile-nix.git] / hosts / mermet / fail2ban.nix
1 { hosts, ... }:
2 {
3 imports = [
4 ../../nixos/profiles/services/fail2ban.nix
5 ];
6 services.fail2ban = {
7 enable = true;
8 ignoreIP = [
9 hosts.mermet._module.args.ipv4
10 "losurdo.sourcephile.fr"
11 ];
12 jails = {
13 sshd.settings = {
14 enabled = true;
15 bantime = "5m";
16 findtime = "1d";
17 maxretry = "1";
18 mode = "aggressive";
19 };
20 postfix.settings = {
21 enabled = true;
22 bantime = "5m";
23 filter = "postfix";
24 findtime = "10d";
25 mode = "aggressive";
26 port = 465;
27 };
28 postgresql.settings = {
29 enabled = true;
30 bantime = "5m";
31 filter = "postgresql";
32 findtime = "1d";
33 port = 5432;
34 };
35 };
36 };
37 }