36 lines
712 B
Nix
36 lines
712 B
Nix
{ pkgs, ... }:
|
|
{
|
|
security.crowdsec = {
|
|
enable = true;
|
|
|
|
parserWhitelist = [
|
|
"1.64.239.213"
|
|
];
|
|
|
|
settings.crowdsec_service.acquisition_path = pkgs.writeText "crowdsec-acquisitions.yaml" ''
|
|
---
|
|
source: journalctl
|
|
journalctl_filter:
|
|
- "SYSLOG_IDENTIFIER=Nextcloud"
|
|
labels:
|
|
type: syslog
|
|
---
|
|
source: journalctl
|
|
journalctl_filter:
|
|
- "SYSLOG_IDENTIFIER=sshd-session"
|
|
labels:
|
|
type: syslog
|
|
---
|
|
'';
|
|
|
|
remediationComponents.firewallBouncer = {
|
|
enable = true;
|
|
settings.prometheus = {
|
|
enabled = true;
|
|
listen_addr = "127.0.0.1";
|
|
listen_port = "60601";
|
|
};
|
|
};
|
|
};
|
|
}
|