Malte Brandy
cebf9198f3
treewide: De-inline uses of lib.boolToString
...
This commit should not change eval results
2020-10-14 01:46:17 +02:00
Simon Lackerbauer
017dca51fa
fail2ban: fix firewall warning
2020-03-22 18:11:36 +01:00
Izorkin
c75398b10a
nixos/fail2ban: disable work fail2ban without firewall
2020-03-18 09:54:19 +03:00
Izorkin
96e2669114
nixos/fail2ban: enable sandboxing
2020-01-29 23:15:56 +03:00
Izorkin
f1d7dfe29f
nixos/fail2ban: add custom options
2020-01-29 23:15:56 +03:00
Izorkin
a55be8d794
nixos/fail2ban: update serviceConfig
2020-01-29 23:15:56 +03:00
Izorkin
182012ef43
nixos/fail2ban: add options to enable work service with iptables-compat
2020-01-29 23:15:56 +03:00
Izorkin
68d601d65c
nixos/fail2ban: clean-up configuration
2020-01-29 23:15:56 +03:00
Renaud
fa0a63ec13
fail2ban service : improve ssh jail ( #21131 )
...
Improvement to the ssh-iptables to block the port(s) actually defined
for sshd in config.services.openssh.ports
2016-12-14 14:58:02 +01:00
Taeradan
77028b1e8d
fail2ban service: add iproute to PATH
...
iproute is required for blocking via null routes; without it, rules
based on routes.conf will fail.
Closes #15638
2016-05-23 15:57:21 +02:00
Alexander Ried
fc941899a3
fail2ban: rework service
2016-04-26 20:34:41 +02:00
Leroy Hopson
eb90705d45
fail2ban service: fix formatting of example
2016-02-27 22:25:39 +13:00
Svein Ove Aas
f16594e18b
nixos/fail2ban: Enable jails by default
...
With jails defaulting to 'enabled = true', the sshd jail that NixOS
defines will now be enabled.
[Bjørn: tweak commit message]
2016-01-04 21:52:32 +01:00
Bjørn Forsman
25a6745310
nixos/fail2ban: capitalize service description
2015-02-22 16:54:14 +01:00
Bjørn Forsman
b7a889759d
nixos/fail2ban: don't use types.string (it's deprecated)
...
I'm not really sure which one of types.lines or types.str that fit
better, but I'm going for types.lines because it behaves more like the
current type (i.e. have the ability to merge).
2014-09-05 22:56:30 +02:00
Joel Taylor
d8cca3d624
fail2ban: systemd support
...
- upgrade fail2ban to 0.9
- override systemd to enable python support and include sqlite3 module
- make fail2ban enablable
2014-08-08 00:10:19 +02:00
Eelco Dolstra
29027fd1e1
Rewrite ‘with pkgs.lib’ -> ‘with lib’
...
Using pkgs.lib on the spine of module evaluation is problematic
because the pkgs argument depends on the result of module
evaluation. To prevent an infinite recursion, pkgs and some of the
modules are evaluated twice, which is inefficient. Using ‘with lib’
prevents this problem.
2014-04-14 16:26:48 +02:00
Eelco Dolstra
14018c2de1
fail2ban: Fix preStart action
...
Creating /run/fail2ban didn't work since it didn't have write
permission to /run. Now it does.
Reported by Thomas Bereknyei.
2013-12-11 21:16:58 +01:00
Eelco Dolstra
7c7bfa817a
fail2ban: Update to 0.8.10
...
Also fix random start failures due to a race between the fail2ban
server and the postStart script.
2013-10-16 10:03:43 +02:00
Eelco Dolstra
5c1f8cbc70
Move all of NixOS to nixos/ in preparation of the repository merge
2013-10-10 13:28:20 +02:00