refactor(system/services/fail2ban): Migrate to `by-name`

Additionally, I've changed to owner of the `/var/lib/fail2ban` directory
to `root:root` as the main `fail2ban` service also runs under `root` and a
`fail2ban` user is never created.

1 files changed, 0 insertions, 45 deletions

diff --git a/system/services/fail2ban/default.nix b/system/services/fail2ban/default.nix
deleted file mode 100644
index 1c47568..0000000
--- a/system/services/fail2ban/default.nix
+++ /dev/null
@@ -1,45 +0,0 @@
-{...}: {
-  vhack.persist.directories = [
-    {
-      directory = "/var/lib/fail2ban";
-      user = "fail2ban";
-      group = "fail2ban";
-      mode = "0700";
-    }
-  ];
-
-  services.fail2ban = {
-    enable = true;
-    maxretry = 7; # ban after 7 failures
-    daemonSettings = {
-      Definition = {
-        logtarget = "SYSLOG";
-        socket = "/run/fail2ban/fail2ban.sock";
-        pidfile = "/run/fail2ban/fail2ban.pid";
-        dbfile = "/var/lib/fail2ban/db.sqlite3";
-      };
-    };
-    bantime-increment = {
-      enable = true;
-      rndtime = "8m";
-      overalljails = true;
-      multipliers = "2 4 16 128 256";
-      maxtime = "72h";
-    };
-    jails = {
-      dovecot = ''
-        # block IPs which failed to log-in
-        # aggressive mode add blocking for aborted connections
-        enabled = true
-        filter = dovecot[mode=aggressive]
-        maxretry = 2
-      '';
-      postfix = ''
-        enabled = true
-        filter = postfix[mode=aggressive]
-        findtime = 600
-        maxretry = 3
-      '';
-    };
-  };
-}