karaolidis/nix
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add fail2ban

Browse Source 
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
This commit is contained in:
Nick Karaolidis
2025-03-07 10:15:37 +00:00
parent 2cf48bf516
commit e227cab2d7
1 changed files with 22 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
hosts/common/configs/system/sshd/default.nix
View File

@@ -1,15 +1,27 @@
{ ... }: { ... }:
{ {
services.openssh = { environment = {
enableAllTerminfo = true;
persistence."/persist"."/var/lib/fail2ban" = { };
};
services = {
openssh = {
enable = true; enable = true;
ports = [ 22 ];
openFirewall = true;
settings = { settings = {
PasswordAuthentication = false; PasswordAuthentication = false;
PermitRootLogin = "no";
PrintMotd = false; PrintMotd = false;
}; };
}; };
environment.enableAllTerminfo = true; fail2ban = {
enable = true;
bantime = "24h";
bantime-increment = {
enable = true;
maxtime = "720h";
overalljails = true;
};
};
};
} }