Add fail2ban
This commit is contained in:
parent
8fd0ef1397
commit
1d4f2475bf
3 changed files with 13 additions and 4 deletions
|
@ -13,14 +13,16 @@
|
|||
{ lib, config, pkgs, ... }: {
|
||||
imports =
|
||||
[
|
||||
# Gnome configuration file.
|
||||
# Desktop Environments
|
||||
./desktops/gnome.nix
|
||||
# Default configuration for Firefox
|
||||
|
||||
# Software
|
||||
./software/firefox.nix
|
||||
# Enable OpenSSH
|
||||
|
||||
# Services
|
||||
./services/openssh.nix
|
||||
# Promtail logging
|
||||
./services/promtail.nix
|
||||
./services/fail2ban.nix
|
||||
];
|
||||
|
||||
# Keep the system up-to-date automatically
|
||||
|
@ -154,6 +156,7 @@
|
|||
tailscale
|
||||
neofetch
|
||||
gnupg
|
||||
fail2ban
|
||||
];
|
||||
|
||||
# Enable various system services
|
||||
|
|
5
services/fail2ban.nix
Normal file
5
services/fail2ban.nix
Normal file
|
@ -0,0 +1,5 @@
|
|||
{ config, pkgs, ... }: {
|
||||
services.fail2ban = {
|
||||
enable = true;
|
||||
};
|
||||
}
|
|
@ -2,6 +2,7 @@
|
|||
services.openssh = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
logLevel = "VERBOSE"; # Used for fail2ban monitoring
|
||||
settings.PermitRootLogin = "no";
|
||||
settings.PasswordAuthentication = "true"; # Set this to false when keys are configured
|
||||
banner = ''
|
||||
|
|
Loading…
Reference in a new issue