modules/fail2ban.nix at main · yemou.pink/nix-configs

yemou.pink / nix-configs

Nix configurations for my homelab

nix-configs / modules / fail2ban.nix

at main 572 B view raw

 1{ config, lib, ... }:
 2{
 3  environment.persistence."/data/persistent".directories = [ "/var/lib/fail2ban" ];
 4
 5  services.fail2ban = {
 6    enable = true;
 7    bantime = "12h";
 8    bantime-increment = {
 9      enable = true;
10      formula = "ban.Time * (2 ** ban.Count)";
11      overalljails = true;
12      rndtime = "1h";
13    };
14    ignoreIP = [
15      (lib.mkIf (config.networking.hostName != "lily") config.garden.info.network.lily.netbird-ip)
16      (lib.mkIf (config.networking.hostName != "lutea") config.garden.info.network.lutea.netbird-ip)
17    ];
18    maxretry = 1;
19  };
20}