diff options
author | Ngô Ngọc Đức Huy <huyngo@disroot.org> | 2024-03-25 14:52:01 +0700 |
---|---|---|
committer | Ngô Ngọc Đức Huy <huyngo@disroot.org> | 2024-03-25 14:52:01 +0700 |
commit | c068201813845d32d55169aa495c2aace27e9502 (patch) | |
tree | 79f19bb6230c9bf2e8bd1b8fe79f567b3a9da0db | |
parent | af6b4731e458b40821a18438223edc8a05014779 (diff) | |
download | nixos-conf-c068201813845d32d55169aa495c2aace27e9502.tar.gz |
Update filter for maddy
-rw-r--r-- | fail2ban-filters/maddy.conf | 9 | ||||
-rw-r--r-- | fail2ban.nix | 8 | ||||
-rw-r--r-- | mail.nix | 2 |
3 files changed, 17 insertions, 2 deletions
diff --git a/fail2ban-filters/maddy.conf b/fail2ban-filters/maddy.conf new file mode 100644 index 0000000..b354315 --- /dev/null +++ b/fail2ban-filters/maddy.conf @@ -0,0 +1,9 @@ +[INCLUDES] + +before = common.conf + +[Definition] + +_daemon = maddy + +failregex = authentication failed\s{"reason":"auth: invalid credentials","src_ip":"<HOST> diff --git a/fail2ban.nix b/fail2ban.nix index 018d4d8..06dd4ec 100644 --- a/fail2ban.nix +++ b/fail2ban.nix @@ -18,6 +18,11 @@ { pkgs, ... }: { + environment.etc = { + "fail2ban/filter.d/maddy.conf" = { + source = ./fail2ban-filters/maddy.conf + } + } services.fail2ban = { enable = true; bantime = "30m"; @@ -28,7 +33,8 @@ jails = { maddy = { settings = { - logpath = "/var/log/maddy.log"; + filter = "maddy"; + # logpath = "/var/log/maddy.log"; }; }; }; diff --git a/mail.nix b/mail.nix index edb5da0..2856d1a 100644 --- a/mail.nix +++ b/mail.nix @@ -44,7 +44,7 @@ in { use_helper no } - log syslog /var/log/maddy/maddy.log + log syslog storage.imapsql local_mailboxes { driver sqlite3 |