From 1771fba57b5ced7e86070779fffd66aec08366b3 Mon Sep 17 00:00:00 2001
From: Kabbone <tobias@opel-online.de>
Date: Sun, 4 Jun 2023 09:55:48 +0200
Subject: [PATCH] server: gitea: enable fail2ban

---
 hosts/configuration_server.nix           | 9 ++++++---
 modules/services/server/gitea_runner.nix | 1 +
 2 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/hosts/configuration_server.nix b/hosts/configuration_server.nix
index d51dab2..f3ac4f9 100644
--- a/hosts/configuration_server.nix
+++ b/hosts/configuration_server.nix
@@ -74,8 +74,12 @@
       TERMINAL = "alacritty";
       EDITOR = "nvim";
       VISUAL = "nvim";
-      etc = {
-        "etc/fail2ban/filter.d/gitea.conf".source = ../modules/services/server/fail2ban/filter/gitea.conf;
+    };
+    etc = {
+      "fail2ban/filter.d/gitea.conf" = {
+        source = ../modules/services/server/fail2ban/filter/gitea.conf;
+        mode = "0444";
+      };
     };
     systemPackages = with pkgs; [           # Default packages install system-wide
       vim
@@ -121,7 +125,6 @@
               findtime = 3600
               bantime = 900
               action = iptables-allports
-              filter = gitea
             '';
           };
     };
diff --git a/modules/services/server/gitea_runner.nix b/modules/services/server/gitea_runner.nix
index d0248d3..d9544d5 100644
--- a/modules/services/server/gitea_runner.nix
+++ b/modules/services/server/gitea_runner.nix
@@ -27,4 +27,5 @@ in
         };
     };
     users.users.root.initialPassword = "babablup";
+    system.stateVersion = "23.11";
 }