From 6059c3c0ba530d13253948ac4b045d19323d3e75 Mon Sep 17 00:00:00 2001
From: Kabbone <tobias@opel-online.de>
Date: Sun, 4 Jun 2023 14:22:57 +0200
Subject: [PATCH] server: gitea: fail2ban fix

---
 hosts/configuration_server.nix                     | 7 ++++---
 modules/services/server/fail2ban/filter/gitea.conf | 2 ++
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/hosts/configuration_server.nix b/hosts/configuration_server.nix
index f3ac4f9..e02f79c 100644
--- a/hosts/configuration_server.nix
+++ b/hosts/configuration_server.nix
@@ -116,14 +116,15 @@
     fail2ban = {
         enable = true;
         maxretry = 5;
+        extraSettings = {
+           findtime = "15m";
+           bantime = "1h";
+        };
         jails = {
             gitea = ''
               enabled = true
               filter = gitea
               backend = systemd
-              maxretry = 10
-              findtime = 3600
-              bantime = 900
               action = iptables-allports
             '';
           };
diff --git a/modules/services/server/fail2ban/filter/gitea.conf b/modules/services/server/fail2ban/filter/gitea.conf
index bd0f976..13f2813 100644
--- a/modules/services/server/fail2ban/filter/gitea.conf
+++ b/modules/services/server/fail2ban/filter/gitea.conf
@@ -1,3 +1,5 @@
 [Definition]
 failregex =  .*(Failed authentication attempt|invalid credentials|Attempted access of unknown user).* from <HOST>
 ignoreregex =
+#journalmatch = _SYSTEMD_UNIT=gitea.servie
+journalmatch =