Disable fail2ban

Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>

hosts/common/configs/system/fail2ban/default.nix

@@ -0,0 +1,14 @@
+{ ... }:
+{
+  environment.persistence."/persist/state"."/var/lib/fail2ban" = { };
+
+  services.fail2ban = {
+    enable = true;
+    bantime = "24h";
+    bantime-increment = {
+      enable = true;
+      maxtime = "720h";
+      overalljails = true;
+    };
+  };
+}

hosts/common/configs/system/sshd/default.nix

@@ -1,31 +1,15 @@
 { pkgs, ... }:
 {
-  environment = {
+  environment.systemPackages = with pkgs; [
-    systemPackages = with pkgs; [
     kitty.terminfo
     tmux.terminfo
   ];
 
-    persistence."/persist/state"."/var/lib/fail2ban" = { };
+  services.openssh = {
-  };
-
-  services = {
-    openssh = {
     enable = true;
     settings = {
       PasswordAuthentication = false;
       PrintMotd = false;
     };
   };
-
-    fail2ban = {
-      enable = true;
-      bantime = "24h";
-      bantime-increment = {
-        enable = true;
-        maxtime = "720h";
-        overalljails = true;
-      };
-    };
-  };
 }

hosts/jupiter-vps/configs/podman/prometheus/default.nix

@@ -8,7 +8,6 @@ in
   networking.firewall.interfaces.wg0.allowedTCPPorts = [
     9100
     9882
-    9191
   ];
 
   virtualisation.quadlet.containers = {
@@ -55,11 +54,5 @@ in
       volumes = [ "/run/podman/podman.sock:/run/podman/podman.sock:ro" ];
       exec = [ "--collector.enable-all" ];
     };
-
-    prometheus-fail2ban-exporter.containerConfig = {
-      image = "docker-archive:${selfPkgs.docker-prometheus-fail2ban-exporter}";
-      publishPorts = [ "9191:9191/tcp" ];
-      volumes = [ "/run/fail2ban/fail2ban.sock:/var/run/fail2ban/fail2ban.sock:ro" ];
-    };
   };
 }

hosts/jupiter/users/storm/configs/console/podman/prometheus/default.nix

@@ -62,12 +62,6 @@ in
       exec = [ "--collector.enable-all" ];
     };
 
-    prometheus-fail2ban-exporter.containerConfig = {
-      image = "docker-archive:${selfPkgs.docker-prometheus-fail2ban-exporter}";
-      publishPorts = [ "9191:9191/tcp" ];
-      volumes = [ "/run/fail2ban/fail2ban.sock:/var/run/fail2ban/fail2ban.sock:ro" ];
-    };
-
     prometheus-smartctl-exporter.containerConfig = {
       image = "docker-archive:${selfPkgs.docker-prometheus-smartctl-exporter}";
       publishPorts = [ "9633:9633/tcp" ];
@@ -169,19 +163,6 @@ in
                           }
                         ];
                       }
-                      {
-                        job_name = "${hostname}-fail2ban-exporter";
-                        static_configs = [
-                          {
-                            targets = [ "host.containers.internal:9191" ];
-                            labels = {
-                              app = "fail2ban-exporter";
-                              user = "root";
-                              inherit hostname;
-                            };
-                          }
-                        ];
-                      }
                       {
                         job_name = "${hostname}-smartctl-exporter";
                         static_configs = [
@@ -221,19 +202,6 @@ in
                           }
                         ];
                       }
-                      {
-                        job_name = "${jupiterVpsHostname}-fail2ban-exporter";
-                        static_configs = [
-                          {
-                            targets = [ "10.0.0.1:9191" ];
-                            labels = {
-                              app = "fail2ban-exporter";
-                              user = "root";
-                              hostname = jupiterVpsHostname;
-                            };
-                          }
-                        ];
-                      }
                     ];
                 };
               in