ADD firewall files

2022-06-01 18:27:21 +00:00 · 2022-06-01 18:27:21 +00:00 · f11a785747
parent f3c3a48be7
commit f11a785747
1 changed files with 17 additions and 0 deletions
--- a/hosts/services/firewall-services.nix
+++ b/hosts/services/firewall-services.nix
@ -0,0 +1,17 @@
+{ config, lib, pkgs, ... }:
+
+{
+  networking.firewall = {
+    allowPing = true;
+    # allowed TCP range
+    allowedTCPPorts = [ 22 80 2342 9001 9002];
+  };
+  services.fail2ban = {
+    enable = true;
+    maxretry = 2;
+    ignoreIP = [
+      "127.0.0.0/8" 
+      "212.114.16.52"
+    ];
+  };
+}