diff options
| author | datafoo <34766150+datafoo@users.noreply.github.com> | 2023-04-17 11:22:09 +0200 |
|---|---|---|
| committer | pennae <82953136+pennae@users.noreply.github.com> | 2023-04-19 19:18:31 +0200 |
| commit | 3403ee06021fd441c467f12e8ccde7ce66557304 (patch) | |
| tree | 7d082ae65156cca3307cb69bc4228f451798da30 /nixos/modules/services/security | |
| parent | d32a852d2af256925ef1ec1a0024d650a77f9f86 (diff) | |
| download | nixlib-3403ee06021fd441c467f12e8ccde7ce66557304.tar nixlib-3403ee06021fd441c467f12e8ccde7ce66557304.tar.gz nixlib-3403ee06021fd441c467f12e8ccde7ce66557304.tar.bz2 nixlib-3403ee06021fd441c467f12e8ccde7ce66557304.tar.lz nixlib-3403ee06021fd441c467f12e8ccde7ce66557304.tar.xz nixlib-3403ee06021fd441c467f12e8ccde7ce66557304.tar.zst nixlib-3403ee06021fd441c467f12e8ccde7ce66557304.zip | |
nixos/fail2ban: add bantime option
Diffstat (limited to 'nixos/modules/services/security')
| -rw-r--r-- | nixos/modules/services/security/fail2ban.nix | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/nixos/modules/services/security/fail2ban.nix b/nixos/modules/services/security/fail2ban.nix index ead24d147071..1962d3f59c9f 100644 --- a/nixos/modules/services/security/fail2ban.nix +++ b/nixos/modules/services/security/fail2ban.nix @@ -78,6 +78,13 @@ in ''; }; + bantime = mkOption { + default = null; + type = types.nullOr types.str; + example = "10m"; + description = lib.mdDoc "Number of seconds that a host is banned."; + }; + maxretry = mkOption { default = 3; type = types.ints.unsigned; @@ -320,6 +327,9 @@ in ''} # Miscellaneous options ignoreip = 127.0.0.1/8 ${optionalString config.networking.enableIPv6 "::1"} ${concatStringsSep " " cfg.ignoreIP} + ${optionalString (cfg.bantime != null) '' + bantime = ${cfg.bantime} + ''} maxretry = ${toString cfg.maxretry} backend = systemd # Actions |