From 1c6e94ad0e852b85df2b4ab3fe2ebfd2e5bba406 Mon Sep 17 00:00:00 2001
From: Andrea Ciceri <andrea.ciceri@autistici.org>
Date: Sun, 2 Apr 2023 16:16:52 +0200
Subject: [PATCH] `fail2ban`

---
 modules/ssh/default.nix | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/modules/ssh/default.nix b/modules/ssh/default.nix
index 9a3feff..ddde73c 100644
--- a/modules/ssh/default.nix
+++ b/modules/ssh/default.nix
@@ -1,4 +1,10 @@
 {fleetFlake, ...}: {
-  services.sshd.enable = true;
+  services = {
+    sshd.enable = true;
+    fail2ban = {
+      enable = true;
+      maxretry = 10;
+    };
+  };
   users.users.root.openssh.authorizedKeys.keys = builtins.attrValues (import "${fleetFlake}/lib").keys.users;
 }