Kabbone/nixos-config
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

server: gitea: fail2ban fix

Browse Source
This commit is contained in:
Kabbone 2023-06-04 14:22:57 +02:00
parent 1771fba57b
commit 6059c3c0ba
Signed by: Kabbone
SSH Key Fingerprint: SHA256:A5zPB5I6u5V78V51c362BBdCwhDhfDUVbt7NfKdjWBY
2 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
hosts/configuration_server.nix
View File

@ -116,14 +116,15 @@
fail2ban = { fail2ban = {
enable = true; enable = true;
maxretry = 5; maxretry = 5;
extraSettings = {
findtime = "15m";
bantime = "1h";
};
jails = { jails = {
gitea = '' gitea = ''
enabled = true enabled = true
filter = gitea filter = gitea
backend = systemd backend = systemd
maxretry = 10
findtime = 3600
bantime = 900
action = iptables-allports action = iptables-allports
''; '';
}; };

2
modules/services/server/fail2ban/filter/gitea.conf
View File

@ -1,3 +1,5 @@
[Definition] [Definition]
failregex = .*(Failed authentication attempt|invalid credentials|Attempted access of unknown user).* from <HOST> failregex = .*(Failed authentication attempt|invalid credentials|Attempted access of unknown user).* from <HOST>
ignoreregex = ignoreregex =
#journalmatch = _SYSTEMD_UNIT=gitea.servie
journalmatch =