From 25f45ec6f61a54cd56fa51cdc6581d9a147b3a36 Mon Sep 17 00:00:00 2001
From: Antoine Martin <antoine97.martin@gmail.com>
Date: Mon, 22 Feb 2021 15:07:29 +0100
Subject: [PATCH] fail2ban: setup service

---
 hosts/poseidon/default.nix |  4 ++++
 services/default.nix       |  1 +
 services/fail2ban.nix      | 14 ++++++++++++++
 3 files changed, 19 insertions(+)
 create mode 100644 services/fail2ban.nix

diff --git a/hosts/poseidon/default.nix b/hosts/poseidon/default.nix
index f4baea2..d5ec7c7 100644
--- a/hosts/poseidon/default.nix
+++ b/hosts/poseidon/default.nix
@@ -80,6 +80,10 @@ in
       repo = secrets.borg-backup-repo;
     };
 
+    fail2ban = {
+      enable = true;
+    };
+
     gitea = {
       enable = true;
       privatePort = 8082;
diff --git a/services/default.nix b/services/default.nix
index ab4e763..707a116 100644
--- a/services/default.nix
+++ b/services/default.nix
@@ -4,6 +4,7 @@
   imports = [
     ./bitwarden_rs.nix
     ./borg-backup.nix
+    ./fail2ban.nix
     ./gitea.nix
     ./jellyfin.nix
     ./matrix.nix
diff --git a/services/fail2ban.nix b/services/fail2ban.nix
new file mode 100644
index 0000000..c5609ed
--- /dev/null
+++ b/services/fail2ban.nix
@@ -0,0 +1,14 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+let
+  cfg = config.my.services.fail2ban;
+in {
+  options.my.services.fail2ban = {
+    enable = mkEnableOption "Enable fail2ban";
+  };
+
+  config = mkIf cfg.enable {
+    services.fail2ban.enable = true;
+  };
+}