lander/nix-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat: enable fail2ban

Browse source 
Signed-off-by: Lander Van den Bulcke <landervandenbulcke@gmail.com>
This commit is contained in:
Lander Van den Bulcke 2025-10-23 21:39:19 +02:00
parent 49341364a8
commit 86347a68de
Signed by: lander
GPG key ID: 0142722B4B0C536F
4 changed files with 72 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

12
hosts/servers/hosting-01.nix
View file

@ -29,6 +29,18 @@ in
];
};
services.fail2ban.jails = {
# max 6 failures in 600 seconds
"nginx-spam" = ''
enabled = true
filter = nginx-bruteforce
logpath = /var/log/nginx/access.log
backend = auto
maxretry = 6
findtime = 600
'';
};
services.nginx = {
enable = true;
recommendedGzipSettings = true;