Add fail2ban config

content/docs/server/services/fail2ban.md

@@ -0,0 +1,67 @@
+---
+title: "Fail2ban"
+weight: 1
+# bookFlatSection: false
+# bookToc: true
+# bookHidden: false
+# bookCollapseSection: false
+# bookComments: false
+# bookSearchExclude: false
+---
+
+# Fail2ban
+
+## Installation
+Installer le paquet `fail2ban`.
+
+## Configuration
+```ini
+[DEFAULT]
+bantime = 1h
+bantime.increment = true
+
+ignoreip = 127.0.0.1/8 ::1
+
+banaction = ufw[comment="fail2ban"]
+banaction_allports = ufw[type=allports,comment="fail2ban"]
+
+destemail = ...
+sender = ...
+
+action = %(action_mwl)s
+```
+
+### Services
+```ini
+[sshd]
+enabled = true
+mode = aggressive
+
+[postfix]
+enabled = true
+mode = aggressive
+
+[dovecot]
+enabled = true
+mode = aggressive
+
+[bitwarden]
+enabled = true
+logpath = /var/log/vaultwarden.log
+
+[nginx-http-auth]
+enabled = true
+
+[nginx-botsearch]
+enabled = true
+
+[sieve]
+enabled = true
+
+[nextcloud]
+enabled = true
+logpath = /var/log/nextcloud/nextcloud.log
+```
+
+## Démarrage
+Activer le service `fail2ban.service`.