diff options
Diffstat (limited to 'profiles/network/fail2ban.nix')
| -rw-r--r-- | profiles/network/fail2ban.nix | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/profiles/network/fail2ban.nix b/profiles/network/fail2ban.nix new file mode 100644 index 0000000..6aa6613 --- /dev/null +++ b/profiles/network/fail2ban.nix @@ -0,0 +1,15 @@ +{ ... }: +{ + services.fail2ban = { + enable = true; + ignoreIP = [ + "10.100.0.0/24" # wireguard + ]; + bantime = "1h"; + bantime-increment = { + enable = true; + maxtime = "168h"; + factor = "4"; + }; + }; +} |