diff options
Diffstat (limited to 'nix/modules/fail2ban.nix')
| -rw-r--r-- | nix/modules/fail2ban.nix | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/nix/modules/fail2ban.nix b/nix/modules/fail2ban.nix new file mode 100644 index 0000000..5d289a0 --- /dev/null +++ b/nix/modules/fail2ban.nix @@ -0,0 +1,11 @@ +{ lib, config, ... }: +{ + services.fail2ban = { + enable = lib.mkDefault config.monorepo.profiles.server.enable; + # Ban IP after 5 failures for 1 hour + maxretry = 5; + bantime = "1h"; + banaction = "iptables-allports"; + banaction-allports = "iptables-allports"; + }; +} |