security: update f2b

This commit is contained in:
notohh 2023-12-30 13:33:47 -05:00
parent 5155280203
commit 2e69421f10
Signed by: notohh
GPG key ID: BD47506D475EE86D

View file

@ -40,13 +40,16 @@
"net.ipv4.tcp_congestion_control" = "bbr"; "net.ipv4.tcp_congestion_control" = "bbr";
"net.core.default_qdisc" = "cake"; "net.core.default_qdisc" = "cake";
}; };
boot.kernelModules = ["tcp_bbr"]; boot.kernelModules = ["tcp_bbr"];
# So we don't have to do this later... services.openssh.settings.LogLevel = "VERBOSE";
security.acme = { security.acme = {
acceptTerms = true; acceptTerms = true;
defaults.email = "github@notohh.dev"; defaults.email = "github@notohh.dev";
}; };
services.fail2ban = { services.fail2ban = {
enable = true; enable = true;
bantime = "1h"; bantime = "1h";
@ -55,14 +58,16 @@
"192.168.0.0/16" "192.168.0.0/16"
"172.16.0.0/12" "172.16.0.0/12"
"10.0.0.0/8" "10.0.0.0/8"
"5.161.181.184/32" "5.161.102.107/32"
"100.71.49.65/10" "100.71.49.65/10"
"100.82.146.40/10" "100.82.146.40/10"
]; ];
jails.DEFAULT = { jails = {
settings = { DEFAULT = {
findtime = 100000; settings = {
mode = "aggressive"; findtime = 100000;
mode = "aggressive";
};
}; };
}; };
}; };