From 4a5be726c77c5989552c19f60d0e2731a64e2190 Mon Sep 17 00:00:00 2001 From: Ngô Ngọc Đức Huy Date: Fri, 22 Mar 2024 16:12:05 +0700 Subject: Update config for fail2ban --- configuration.nix | 1 + fail2ban.nix | 36 ++++++++++++++++++++++++++++++++++++ mail.nix | 2 ++ 3 files changed, 39 insertions(+) create mode 100644 fail2ban.nix diff --git a/configuration.nix b/configuration.nix index 3e6ad48..a847f29 100644 --- a/configuration.nix +++ b/configuration.nix @@ -34,6 +34,7 @@ ./automation.nix ./dbms.nix ./dns.nix + ./fail2ban.nix ./irc.nix ./git.nix ./mail.nix diff --git a/fail2ban.nix b/fail2ban.nix new file mode 100644 index 0000000..d30f6b0 --- /dev/null +++ b/fail2ban.nix @@ -0,0 +1,36 @@ +# Configuration for fail2ban +# Copyright (C) 2024 Ngô Ngọc Đức Huy +# +# This file is part of loang configuration. +# +# Loang configuration is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as published +# by the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# Loang configuration is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with loang configuration. If not, see . + +{ pkgs, ... }: +{ + services.jail2ban = { + enable = true; + bantime = "30m"; + bantime-increment = { + enable = true; + maxtime = "7d"; + }; + jails = { + maddy = { + settings = { + logpath = "/var/log/maddy.log"; + }; + }; + }; + }; +}; diff --git a/mail.nix b/mail.nix index 505210e..c7d85ee 100644 --- a/mail.nix +++ b/mail.nix @@ -44,6 +44,8 @@ in { use_helper no } + log syslog /var/log/maddy.log + storage.imapsql local_mailboxes { driver sqlite3 dsn imapsql.db -- cgit 1.4.1