jan-leila/nix-config
1
0
Fork 1
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

moved service config out of host namespace

Browse source
This commit is contained in:
Leyla Becker 2025-03-22 13:27:04 -05:00
parent c7938c3fe7
commit 597c25b49d
7 changed files with 98 additions and 125 deletions
Download patch file Download diff file Expand all files Collapse all files

9
modules/nixos-modules/server/fail2ban.nix
View file

@ -7,11 +7,7 @@
dataFolder = "/var/lib/fail2ban";
dataFile = "fail2ban.sqlite3";
in {
options.host.fail2ban = {
enable = lib.mkEnableOption "should fail 2 ban be enabled on this server";
};
config = lib.mkIf config.host.fail2ban.enable (lib.mkMerge [
config = lib.mkIf config.services.fail2ban.enable (lib.mkMerge [
{
environment.etc = {
"fail2ban/filter.d/nginx.local".text = lib.mkIf config.services.nginx.enable (
@ -37,7 +33,6 @@ in {
};
services.fail2ban = {
enable = true;
maxretry = 5;
ignoreIP = [
# Whitelist local networks
@ -90,8 +85,6 @@ in {
];
environment.persistence."/persist/system/root" = {
enable = true;
hideMounts = true;
directories = [
{
directory = dataFolder;