Add fail2ban

This commit is contained in:
iFargle 2023-07-04 15:37:53 +09:00
parent 8fd0ef1397
commit 1d4f2475bf
3 changed files with 13 additions and 4 deletions

View file

@ -13,14 +13,16 @@
{ lib, config, pkgs, ... }: {
imports =
[
# Gnome configuration file.
# Desktop Environments
./desktops/gnome.nix
# Default configuration for Firefox
# Software
./software/firefox.nix
# Enable OpenSSH
# Services
./services/openssh.nix
# Promtail logging
./services/promtail.nix
./services/fail2ban.nix
];
# Keep the system up-to-date automatically
@ -154,6 +156,7 @@
tailscale
neofetch
gnupg
fail2ban
];
# Enable various system services

5
services/fail2ban.nix Normal file
View file

@ -0,0 +1,5 @@
{ config, pkgs, ... }: {
services.fail2ban = {
enable = true;
};
}

View file

@ -2,6 +2,7 @@
services.openssh = {
enable = true;
openFirewall = true;
logLevel = "VERBOSE"; # Used for fail2ban monitoring
settings.PermitRootLogin = "no";
settings.PasswordAuthentication = "true"; # Set this to false when keys are configured
banner = ''