services: photoprism: add fail2ban rules
This commit is contained in:
parent
00df5ff49b
commit
9b3ac220a5
|
@ -91,5 +91,23 @@ in {
|
||||||
"${cfg.home}/storage"
|
"${cfg.home}/storage"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
services.fail2ban.jails = {
|
||||||
|
photoprism = ''
|
||||||
|
enabled = true
|
||||||
|
filter = vaultwarden
|
||||||
|
port = http,https
|
||||||
|
maxretry = 3
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
environment.etc = {
|
||||||
|
"fail2ban/filter.d/photoprism.conf".text = ''
|
||||||
|
[Definition]
|
||||||
|
failregex = ^<HOST> -.*"POST \/api\/v1\/session HTTP[^"]*" 400 .*$
|
||||||
|
ignoreregex =
|
||||||
|
journalmatch = _SYSTEMD_UNIT=vaultwarden.service
|
||||||
|
'';
|
||||||
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue