diff options
Diffstat (limited to 'nixos/modules/services/security/fail2ban.nix')
| -rw-r--r-- | nixos/modules/services/security/fail2ban.nix | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/nixos/modules/services/security/fail2ban.nix b/nixos/modules/services/security/fail2ban.nix index ead24d147071..1962d3f59c9f 100644 --- a/nixos/modules/services/security/fail2ban.nix +++ b/nixos/modules/services/security/fail2ban.nix @@ -78,6 +78,13 @@ in ''; }; + bantime = mkOption { + default = null; + type = types.nullOr types.str; + example = "10m"; + description = lib.mdDoc "Number of seconds that a host is banned."; + }; + maxretry = mkOption { default = 3; type = types.ints.unsigned; @@ -320,6 +327,9 @@ in ''} # Miscellaneous options ignoreip = 127.0.0.1/8 ${optionalString config.networking.enableIPv6 "::1"} ${concatStringsSep " " cfg.ignoreIP} + ${optionalString (cfg.bantime != null) '' + bantime = ${cfg.bantime} + ''} maxretry = ${toString cfg.maxretry} backend = systemd # Actions |