forked from M-Labs/it-infra
nixbld: enable more fail2ban filters
This commit is contained in:
parent
93a40ea87d
commit
66d7dd6efe
|
@ -59,6 +59,30 @@ in
|
|||
filter = sshd
|
||||
action = iptables-allports
|
||||
'';
|
||||
services.fail2ban.jails.nginx-botsearch =
|
||||
''
|
||||
enabled = true
|
||||
filter = nginx-botsearch
|
||||
action = iptables-allports
|
||||
'';
|
||||
services.fail2ban.jails.nginx-limit-req =
|
||||
''
|
||||
enabled = true
|
||||
filter = nginx-limit-req
|
||||
action = iptables-allports
|
||||
'';
|
||||
services.fail2ban.jails.postfix =
|
||||
''
|
||||
enabled = true
|
||||
filter = postfix
|
||||
action = iptables-allports
|
||||
'';
|
||||
services.fail2ban.jails.dovecot =
|
||||
''
|
||||
enabled = true
|
||||
filter = dovecot
|
||||
action = iptables-allports
|
||||
'';
|
||||
|
||||
networking = {
|
||||
hostName = "nixbld";
|
||||
|
|
Loading…
Reference in New Issue