Compare commits
2 commits
4e093fbff3
...
a059828a58
| Author | SHA1 | Date | |
|---|---|---|---|
 Bruno BELANYI
|
a059828a58 | ||
|
Bruno BELANYI
|
96e1a54638 |
|
|
@ -48,5 +48,21 @@ in
|
|||
inherit (cfg) port;
|
||||
};
|
||||
};
|
||||
|
||||
services.fail2ban.jails = {
|
||||
miniflux = ''
|
||||
enabled = true
|
||||
filter = miniflux
|
||||
port = http,https
|
||||
'';
|
||||
};
|
||||
|
||||
environment.etc = {
|
||||
"fail2ban/filter.d/miniflux.conf".text = ''
|
||||
[Definition]
|
||||
failregex = ^.*msg="[^"]*(Incorrect|Invalid) username or password[^"]*".*client_ip=<ADDR>
|
||||
journalmatch = _SYSTEMD_UNIT=miniflux.service
|
||||
'';
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -87,5 +87,25 @@ in
|
|||
"${config.services.nextcloud.home}/data/appdata_*/preview"
|
||||
];
|
||||
};
|
||||
|
||||
services.fail2ban.jails = {
|
||||
nextcloud = ''
|
||||
enabled = true
|
||||
filter = nextcloud
|
||||
port = http,https
|
||||
'';
|
||||
};
|
||||
|
||||
environment.etc = {
|
||||
"fail2ban/filter.d/nextcloud.conf".text = ''
|
||||
[Definition]
|
||||
_groupsre = (?:(?:,?\s*"\w+":(?:"[^"]+"|\w+))*)
|
||||
datepattern = ,?\s*"time"\s*:\s*"%%Y-%%m-%%d[T ]%%H:%%M:%%S(%%z)?"
|
||||
failregex = ^[^{]*\{%(_groupsre)s,?\s*"remoteAddr":"<HOST>"%(_groupsre)s,?\s*"message":"Login failed:
|
||||
^[^{]*\{%(_groupsre)s,?\s*"remoteAddr":"<HOST>"%(_groupsre)s,?\s*"message":"Trusted domain error.
|
||||
^[^{]*\{%(_groupsre)s,?\s*"remoteAddr":"<HOST>"%(_groupsre)s,?\s*"message":"Two-factor challenge failed:
|
||||
journalmatch = _SYSTEMD_UNIT=phpfpm-nextcloud.service
|
||||
'';
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue