diff --git a/configuration.nix b/configuration.nix index fa8126f4..6dc9df4c 100644 --- a/configuration.nix +++ b/configuration.nix @@ -13,14 +13,16 @@ { lib, config, pkgs, ... }: { imports = [ - # Gnome configuration file. + # Desktop Environments ./desktops/gnome.nix - # Default configuration for Firefox + + # Software ./software/firefox.nix - # Enable OpenSSH + + # Services ./services/openssh.nix - # Promtail logging ./services/promtail.nix + ./services/fail2ban.nix ]; # Keep the system up-to-date automatically @@ -154,6 +156,7 @@ tailscale neofetch gnupg + fail2ban ]; # Enable various system services diff --git a/services/fail2ban.nix b/services/fail2ban.nix new file mode 100644 index 00000000..9e657b8a --- /dev/null +++ b/services/fail2ban.nix @@ -0,0 +1,5 @@ +{ config, pkgs, ... }: { + services.fail2ban = { + enable = true; + }; +} \ No newline at end of file diff --git a/services/openssh.nix b/services/openssh.nix index 845b6d6c..a6fd81f3 100644 --- a/services/openssh.nix +++ b/services/openssh.nix @@ -2,6 +2,7 @@ services.openssh = { enable = true; openFirewall = true; + logLevel = "VERBOSE"; # Used for fail2ban monitoring settings.PermitRootLogin = "no"; settings.PasswordAuthentication = "true"; # Set this to false when keys are configured banner = ''