28 lines
No EOL
667 B
Nix
28 lines
No EOL
667 B
Nix
{ inputs, ... }:
|
|
{
|
|
flake.modules.nixos.fail2ban-jellyfin =
|
|
{ pkgs, ... }:
|
|
{
|
|
imports = with inputs.self.modules.nixos; [
|
|
fail2ban
|
|
];
|
|
|
|
environment.etc."fail2ban/filter.d/jellyfin.conf".text = ''
|
|
[Definition]
|
|
failregex = ^.*Authentication request for .+ has been denied \(IP: <ADDR>\)\.$
|
|
ignoreregex =
|
|
'';
|
|
|
|
services.fail2ban.jails.jellyfin = {
|
|
settings = {
|
|
enabled = true;
|
|
filter = "jellyfin";
|
|
backend = "systemd[journalflags=1]";
|
|
journalmatch = "_SYSTEMD_UNIT=podman-jellyfin.service";
|
|
maxretry = 5;
|
|
bantime = "1h";
|
|
findtime = "10m";
|
|
};
|
|
};
|
|
};
|
|
} |