ambroisie/nix-config
ambroisie/nix-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

modules: services: gitea: add fail2ban jail

Browse source
This commit is contained in:
Bruno BELANYI 2023-02-19 18:36:41 +01:00
parent d647830911
commit b9f6c5d534
1 changed files with 16 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
modules/services/gitea/default.nix
View file

@ -126,5 +126,21 @@ in
config.services.gitea.repositoryRoot
];
};
services.fail2ban.jails = {
gitea = ''
enabled = true
filter = gitea
action = iptables-allports
'';
};
environment.etc = {
"fail2ban/filter.d/gitea.conf".text = ''
[Definition]
failregex = ^.*(Failed authentication attempt|invalid credentials|Attempted access of unknown user).* from <HOST>$
journalmatch = _SYSTEMD_UNIT=gitea.service
'';
};
};
}