cnst/cnix
1
0
Fork 0
Code Issues Pull Requests Activity

fix(fail2ban): some hacky fix

Browse Source
This commit is contained in:
cnst
2025-10-07 21:05:43 +02:00
parent 549037fe69
commit 46aa5a9deb
7 changed files with 50 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
modules/server/nextcloud/default.nix
View File

@@ -54,8 +54,14 @@ in {
server.fail2ban = lib.mkIf config.server.fail2ban.enable {
jails = {
nextcloud = {
serviceName = "phpfpm-nextcloud";
failRegex = "^.*Login failed:.*(Remote IP: <HOST>).*$";
serviceName = "${unit}";
_groupsre = ''(?:(?:,?\s*"\w+":(?:"[^"]+"|\w+))*)'';
failRegex = ''
^\{%(_groupsre)s,?\s*"remoteAddr":"<HOST>"%(_groupsre)s,?\s*"message":"Login failed:
^\{%(_groupsre)s,?\s*"remoteAddr":"<HOST>"%(_groupsre)s,?\s*"message":"Two-factor challenge failed:
^\{%(_groupsre)s,?\s*"remoteAddr":"<HOST>"%(_groupsre)s,?\s*"message":"Trusted domain error.
'';
datePattern = '',?\s*"time"\s*:\s*"%%Y-%%m-%%d[T ]%%H:%%M:%%S(%%z)?"'';
};
};
};