Add fail2ban jail and filter for Vaultwarden
parent
d9512be620
commit
6921b62c6b
1 changed files with 20 additions and 0 deletions
|
|
@ -367,6 +367,19 @@
|
||||||
findtime = 600;
|
findtime = 600;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
"vaultwarden" = {
|
||||||
|
settings = {
|
||||||
|
enabled = true;
|
||||||
|
filter = "vaultwarden";
|
||||||
|
backend = "systemd"; # Crucial: Reads from journalctl
|
||||||
|
# Optimizes performance by only looking at logs with this identifier
|
||||||
|
# Based on your log: "heimserver immich[...]" -> identifier is "immich"
|
||||||
|
journalmatch = "_SYSTEMD_UNIT=vaultwarden.service + SYSLOG_IDENTIFIER=vaultwarden";
|
||||||
|
action = "iptables-allports";
|
||||||
|
maxretry = 5;
|
||||||
|
findtime = 600;
|
||||||
|
};
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
@ -388,6 +401,13 @@
|
||||||
ignoreregex =
|
ignoreregex =
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
environment.etc."fail2ban/filter.d/vaultwarden.local".text = ''
|
||||||
|
[Definition]
|
||||||
|
failregex = .*Username or password is incorrect\. Try again\. IP: <HOST>\. Username: .*
|
||||||
|
|
||||||
|
ignoreregex =
|
||||||
|
'';
|
||||||
|
|
||||||
environment.etc."magic-update-script.sh".text = ''
|
environment.etc."magic-update-script.sh".text = ''
|
||||||
#!/usr/bin/env bash
|
#!/usr/bin/env bash
|
||||||
set -euo pipefail
|
set -euo pipefail
|
||||||
|
|
|
||||||
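Review bot: The `failregex` in the new `fail2ban/filter.d/vaultwarden.local` starts with a greedy, unanchored `.*` and ends with `Username: .*`, so if the logged username itself contains the failure text, `<HOST>` binds to the last `IP:` in the line rather than the one Vaultwarden wrote. Assuming Vaultwarden logs the submitted username unmodified (not visible on this page), the banned address would then come from request data; an anchored, lazy prefix avoids that: `failregex = ^.*?Username or password is incorrect\. Try again\. IP: <HOST>\. Username: .*$`. In the jail hunk, `+` in `journalmatch` is a logical OR and `SYSLOG_IDENTIFIER` is supplied by the logging process, so entries from outside the unit also reach this filter; `journalmatch = "_SYSTEMD_UNIT=vaultwarden.service";` keeps it to the journald-assigned unit field. The comment above that line still describes the immich log and identifier, so it should be reworded for Vaultwarden, for example `# Only read journal entries emitted by vaultwarden.service`.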