sapphic.moe
+2
-1
services/fail2ban/default.nix
+2
-1
services/fail2ban/default.nix
···
102
102
# Report IP to AbuseIPDB, reading API key from Agenix secret file
103
103
# Uses double quotes to allow shell expansion of $(cat /run/agenix/abuseipdb)
104
104
# Sleep 12 seconds to respect AbuseIPDB rate limit (~5 requests per minute)
105
-
actionban = sleep 12; curl --fail 'https://api.abuseipdb.com/api/v2/report' -H 'Accept: application/json' -H "Key: $(cat /run/agenix/abuseipdb)" --data-urlencode 'ip=<ip>' --data-urlencode 'comment=<matches>' --data 'categories=<abuseipdb_category>'
105
+
# Note: Don't use <matches> - fail2ban's wrapper causes issues with multiline content
106
+
actionban = sleep 12; curl --fail 'https://api.abuseipdb.com/api/v2/report' -H 'Accept: application/json' -H "Key: $(cat /run/agenix/abuseipdb)" --data-urlencode 'ip=<ip>' --data 'categories=<abuseipdb_category>'
106
107
107
108
actionstart =
108
109
actionstop =