summary refs log tree commit diff stats
path: root/system/services/fail2ban/default.nix
diff options
context:
space:
mode:
Diffstat (limited to 'system/services/fail2ban/default.nix')
-rw-r--r--system/services/fail2ban/default.nix45
1 files changed, 0 insertions, 45 deletions
diff --git a/system/services/fail2ban/default.nix b/system/services/fail2ban/default.nix
deleted file mode 100644
index 1c47568..0000000
--- a/system/services/fail2ban/default.nix
+++ /dev/null
@@ -1,45 +0,0 @@
-{...}: {
-  vhack.persist.directories = [
-    {
-      directory = "/var/lib/fail2ban";
-      user = "fail2ban";
-      group = "fail2ban";
-      mode = "0700";
-    }
-  ];
-
-  services.fail2ban = {
-    enable = true;
-    maxretry = 7; # ban after 7 failures
-    daemonSettings = {
-      Definition = {
-        logtarget = "SYSLOG";
-        socket = "/run/fail2ban/fail2ban.sock";
-        pidfile = "/run/fail2ban/fail2ban.pid";
-        dbfile = "/var/lib/fail2ban/db.sqlite3";
-      };
-    };
-    bantime-increment = {
-      enable = true;
-      rndtime = "8m";
-      overalljails = true;
-      multipliers = "2 4 16 128 256";
-      maxtime = "72h";
-    };
-    jails = {
-      dovecot = ''
-        # block IPs which failed to log-in
-        # aggressive mode add blocking for aborted connections
-        enabled = true
-        filter = dovecot[mode=aggressive]
-        maxretry = 2
-      '';
-      postfix = ''
-        enabled = true
-        filter = postfix[mode=aggressive]
-        findtime = 600
-        maxretry = 3
-      '';
-    };
-  };
-}
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-12-26 13:32:49 +0000