modules/hosts/server/fail2ban/default.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31

{
  config,
  pkgs,
  options,
  lib,
  ...
}:
let
  cfg = config.nx.server.fail2ban;
  inherit (lib) mkOption types mkIf;
in
{
  options.nx.server.fail2ban = {
    enable = mkOption {
      description = "Setup fail2ban service";
      type = types.bool;
      default = false;
    };
    bantime = mkOption {
      description = "default bantime";
      type = types.str;
      default = "1h";
    };
  };
  config = mkIf cfg.enable {
    services.fail2ban = {
      enable = true;
      bantime = cfg.bantime;
    };
  };
}