BeiNacht/nixos-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

updated some things

Browse Source
This commit is contained in:
Alexander Szczepanski
2021-06-29 19:25:57 +02:00
parent 84307f1160
commit 5449083e7c
1 changed files with 2 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
machine/vps/configuration.nix
View File

@ -54,7 +54,6 @@
}; };
}; };
# List packages installed in system profile. To search, run: # List packages installed in system profile. To search, run:
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
docker-compose docker-compose
@ -66,7 +65,7 @@
# Some programs need SUID wrappers, can be configured further or are # Some programs need SUID wrappers, can be configured further or are
# started in user sessions. # started in user sessions.
# programs.mtr.enable = true; programs.mtr.enable = true;
# programs.gnupg.agent = { # programs.gnupg.agent = {
# enable = true; # enable = true;
# enableSSHSupport = true; # enableSSHSupport = true;
@ -91,6 +90,7 @@
recommendedOptimisation = true; recommendedOptimisation = true;
recommendedProxySettings = true; recommendedProxySettings = true;
recommendedTlsSettings = true; recommendedTlsSettings = true;
clientMaxBodySize = "0";
virtualHosts = { virtualHosts = {
"szczepan.ski" = { "szczepan.ski" = {
@ -134,23 +134,6 @@
action = iptables[name=ssh, port=ssh, protocol=tcp] action = iptables[name=ssh, port=ssh, protocol=tcp]
enabled = true enabled = true
''; '';
jails.sshd-ddos =
''
filter = sshd-ddos
maxretry = 2
action = iptables[name=ssh, port=ssh, protocol=tcp]
enabled = true
'';
};
environment.etc."fail2ban/filter.d/sshd-ddos.conf" = {
enable = true;
text = ''
[Definition]
failregex = sshd(?:\[\d+\])?: Did not receive identification string from <HOST>$
ignoreregex =
'';
}; };
# Limit stack size to reduce memory usage # Limit stack size to reduce memory usage