Compare commits

..

2 commits

Author SHA1 Message Date
ac271564b2
Remove email address from gitea config 2023-02-12 10:18:15 +01:00
f10c6975b9
Add fail2ban config 2023-02-12 10:18:00 +01:00
2 changed files with 68 additions and 1 deletions

View file

@ -0,0 +1,67 @@
---
title: "Fail2ban"
weight: 1
# bookFlatSection: false
# bookToc: true
# bookHidden: false
# bookCollapseSection: false
# bookComments: false
# bookSearchExclude: false
---
# Fail2ban
## Installation
Installer le paquet `fail2ban`.
## Configuration
```ini
[DEFAULT]
bantime = 1h
bantime.increment = true
ignoreip = 127.0.0.1/8 ::1
banaction = ufw[comment="fail2ban"]
banaction_allports = ufw[type=allports,comment="fail2ban"]
destemail = ...
sender = ...
action = %(action_mwl)s
```
### Services
```ini
[sshd]
enabled = true
mode = aggressive
[postfix]
enabled = true
mode = aggressive
[dovecot]
enabled = true
mode = aggressive
[bitwarden]
enabled = true
logpath = /var/log/vaultwarden.log
[nginx-http-auth]
enabled = true
[nginx-botsearch]
enabled = true
[sieve]
enabled = true
[nextcloud]
enabled = true
logpath = /var/log/nextcloud/nextcloud.log
```
## Démarrage
Activer le service `fail2ban.service`.

View file

@ -89,7 +89,7 @@ DEFAULT_BRANCH = main
ENABLED = true ENABLED = true
SUBJECT_PREFIX = [Gitea] SUBJECT_PREFIX = [Gitea]
HOST = edgarpierre.fr:465 HOST = edgarpierre.fr:465
FROM = gitea@edgarpierre.fr FROM = ...
USER = gitea USER = gitea
PASSWD = *** PASSWD = ***
SEND_AS_PLAIN_TEXT = true SEND_AS_PLAIN_TEXT = true