From 644f9371ebfe91fdc535d5b8fad2c8a22e14a994 Mon Sep 17 00:00:00 2001
From: Leyla Becker <git@jan-leila.com>
Date: Sat, 12 Jul 2025 15:04:44 -0500
Subject: [PATCH] added home assistant to fail2ban

---
 modules/nixos-modules/server/fail2ban.nix | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/modules/nixos-modules/server/fail2ban.nix b/modules/nixos-modules/server/fail2ban.nix
index be83e6f..1851e33 100644
--- a/modules/nixos-modules/server/fail2ban.nix
+++ b/modules/nixos-modules/server/fail2ban.nix
@@ -61,16 +61,16 @@ in {
             bantime = 600;
             maxretry = 5;
           };
-          # home-assistant-iptables.settings = lib.mkIf config.services.home-assistant.enable {
-          #   enabled = true;
-          #   filter = "hass";
-          #   action = ''iptables-multiport[name=HTTP, port="http,https"]'';
-          #   logpath = "${config.services.home-assistant.configDir}/*.log";
-          #   backend = "auto";
-          #   findtime = 600;
-          #   bantime = 600;
-          #   maxretry = 5;
-          # };
+          home-assistant-iptables.settings = lib.mkIf config.services.home-assistant.enable {
+            enabled = true;
+            filter = "hass";
+            action = ''iptables-multiport[name=HTTP, port="http,https"]'';
+            logpath = "${config.services.home-assistant.configDir}/*.log";
+            backend = "auto";
+            findtime = 600;
+            bantime = 600;
+            maxretry = 5;
+          };
           # TODO; figure out if there is any fail2ban things we can do on searx
           # searx-iptables.settings = lib.mkIf config.services.searx.enable {};
         };