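--- a/hosts/baal/default.nix
+++ b/hosts/baal/default.nix
@@ -47,20 +47,6 @@
 maxtime = "168h"; # Do not ban for more than 1 week
 overalljails = true; # Calculate the bantime based on all the violations
 };
-jails = {
-apache-nohome-iptables.settings = {
-# Block an IP address if it accesses a non-existent
-# home directory more than 5 times in 10 minutes,
-# since that indicates that it's scanning.
-filter = "apache-nohome";
-action = ''iptables-multiport[name=HTTP, port="http,https"]'';
-logpath = "/var/log/httpd/error_log*";
-backend = "auto";
-findtime = 600;
-bantime = 600;
-maxretry = 5;
-};
-};
 };
 
 virtualisation.docker = {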
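--- a/hosts/buer/default.nix
+++ b/hosts/buer/default.nix
@@ -80,20 +80,6 @@
 maxtime = "168h"; # Do not ban for more than 1 week
 overalljails = true; # Calculate the bantime based on all the violations
 };
-jails = {
-apache-nohome-iptables.settings = {
-# Block an IP address if it accesses a non-existent
-# home directory more than 5 times in 10 minutes,
-# since that indicates that it's scanning.
-filter = "apache-nohome";
-action = ''iptables-multiport[name=HTTP, port="http,https"]'';
-logpath = "/var/log/httpd/error_log*";
-backend = "auto";
-findtime = 600;
-bantime = 600;
-maxretry = 5;
-};
-};
 };
 
 # Static IP configuration via systemd-networkd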
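--- a/hosts/valefar/default.nix
+++ b/hosts/valefar/default.nix
@@ -276,20 +276,6 @@
 maxtime = "168h"; # Do not ban for more than 1 week
 overalljails = true; # Calculate the bantime based on all the violations
 };
-jails = {
-apache-nohome-iptables.settings = {
-# Block an IP address if it accesses a non-existent
-# home directory more than 5 times in 10 minutes,
-# since that indicates that it's scanning.
-filter = "apache-nohome";
-action = ''iptables-multiport[name=HTTP, port="http,https"]'';
-logpath = "/var/log/httpd/error_log*";
-backend = "auto";
-findtime = 600;
-bantime = 600;
-maxretry = 5;
-};
-};
 };
 
 # =============================================================================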