summaryrefslogtreecommitdiff
path: root/modules/services/fail2ban.nix
diff options
context:
space:
mode:
Diffstat (limited to 'modules/services/fail2ban.nix')
-rw-r--r--modules/services/fail2ban.nix7
1 files changed, 7 insertions, 0 deletions
diff --git a/modules/services/fail2ban.nix b/modules/services/fail2ban.nix
index d768eb6..fa45565 100644
--- a/modules/services/fail2ban.nix
+++ b/modules/services/fail2ban.nix
@@ -1,3 +1,4 @@
+{ lib, config, ... }:
{
services.fail2ban = {
enable = false;
@@ -7,5 +8,11 @@
"172.16.0.0/12"
"192.168.0.0/16"
];
+
+ jails.sshd.settings = {
+ enabled = true;
+ filter = "sshd[mode=aggressive]";
+ port = lib.strings.concatStringsSep "," (map toString config.services.openssh.ports);
+ };
};
}
generated by cgit v1.2.3 (git 2.25.1) at 2026-05-11 14:17:24 +0000