Commit da73e80

HPCesia <me@hpcesia.com>
2025-10-05 13:32:55
refactor: migrate fail2ban
1 parent 5975ffd
Changed files (3)
hosts
chaser-pardofelis
modules
hosts
chaser-pardofelis
services
hosts/chaser-pardofelis/firewall.nix
@@ -1,14 +0,0 @@
-{...}: {
-  networking.firewall.enable = true;
-
-  services.fail2ban = {
-    enable = true;
-    maxretry = 3;
-    bantime = "10m";
-    bantime-increment.enable = true;
-    ignoreIP = [
-      "172.16.0.0/12"
-      "192.168.0.0/16"
-    ];
-  };
-}
modules/hosts/chaser-pardofelis/default.nix
@@ -22,6 +22,7 @@
         [
           "artalk"
           "caddy"
+          "fail2ban"
           "forgejo"
           "forgejo-runner"
           "freshrss"
modules/services/fail2ban.nix
@@ -0,0 +1,16 @@
+{
+  flake.modules.nixos."services/fail2ban" = _: {
+    services.fail2ban = {
+      enable = true;
+      maxretry = 3;
+      bantime = "10m";
+      bantime-increment.enable = true;
+      ignoreIP = [
+        "172.16.0.0/12"
+        "192.168.0.0/16"
+      ];
+    };
+
+    networking.firewall.enable = true;
+  };
+}