diff options
Diffstat (limited to 'modules/services')
| -rw-r--r-- | modules/services/default.nix | 1 | ||||
| -rw-r--r-- | modules/services/fail2ban.nix | 11 | ||||
| -rw-r--r-- | modules/services/openssh.nix | 5 |
3 files changed, 13 insertions, 4 deletions
diff --git a/modules/services/default.nix b/modules/services/default.nix index 6113696..4aadbd8 100644 --- a/modules/services/default.nix +++ b/modules/services/default.nix @@ -2,6 +2,7 @@ imports = [ ./ananicy.nix ./dbus.nix + ./fail2ban.nix ./libinput.nix ./openssh.nix ./pia.nix diff --git a/modules/services/fail2ban.nix b/modules/services/fail2ban.nix new file mode 100644 index 0000000..d768eb6 --- /dev/null +++ b/modules/services/fail2ban.nix @@ -0,0 +1,11 @@ +{ + services.fail2ban = { + enable = false; + + ignoreIP = [ + "10.0.0.0/8" + "172.16.0.0/12" + "192.168.0.0/16" + ]; + }; +} diff --git a/modules/services/openssh.nix b/modules/services/openssh.nix index 68653fc..d4926c1 100644 --- a/modules/services/openssh.nix +++ b/modules/services/openssh.nix @@ -2,9 +2,6 @@ services.openssh = { enable = true; ports = [ 2222 ]; - - settings = { - PermitRootLogin = "yes"; - }; + openFirewall = true; }; } |