services: photoprism: add fail2ban rules

This commit is contained in:
Antoine Martin 2022-10-13 11:47:24 +02:00
parent 00df5ff49b
commit 9b3ac220a5

View file

@ -91,5 +91,23 @@ in {
"${cfg.home}/storage"
];
};
services.fail2ban.jails = {
photoprism = ''
enabled = true
filter = vaultwarden
port = http,https
maxretry = 3
'';
};
environment.etc = {
"fail2ban/filter.d/photoprism.conf".text = ''
[Definition]
failregex = ^<HOST> -.*"POST \/api\/v1\/session HTTP[^"]*" 400 .*$
ignoreregex =
journalmatch = _SYSTEMD_UNIT=vaultwarden.service
'';
};
};
}