Add fail2ban

configuration.nix

@@ -13,14 +13,16 @@
 { lib, config, pkgs, ... }: {
   imports =
     [ 
-      # Gnome configuration file.
+      # Desktop Environments
       ./desktops/gnome.nix
-      # Default configuration for Firefox
+      
+      # Software
       ./software/firefox.nix
-      # Enable OpenSSH
+
+      # Services
       ./services/openssh.nix
-      # Promtail logging
       ./services/promtail.nix
+      ./services/fail2ban.nix
     ];
 
   # Keep the system up-to-date automatically
@@ -154,6 +156,7 @@
     tailscale
     neofetch
     gnupg
+    fail2ban
   ];
 
   # Enable various system services

services/fail2ban.nix

@@ -0,0 +1,5 @@
+{ config, pkgs, ... }: {
+  services.fail2ban = {
+    enable = true;
+  };
+}

services/openssh.nix

@@ -2,6 +2,7 @@
   services.openssh = {
     enable = true;
     openFirewall = true;
+    logLevel = "VERBOSE"; # Used for fail2ban monitoring
     settings.PermitRootLogin = "no";
     settings.PasswordAuthentication = "true"; # Set this to false when keys are configured
     banner = ''