From b441618575d8ebf986fc0b60e6310384aca54b0b Mon Sep 17 00:00:00 2001
From: JuliusFreudenberger <julius+git@jfreudenberger.de>
Date: Wed, 11 Mar 2026 22:53:54 +0100
Subject: [PATCH] Add fail2ban to sshd module

---
 modules/sshd.nix | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

diff --git a/modules/sshd.nix b/modules/sshd.nix
index 49af4a5..551c0d4 100644
--- a/modules/sshd.nix
+++ b/modules/sshd.nix
@@ -3,11 +3,17 @@
   lib,
   ...
 }: {
-  services.openssh = {
-    enable = true;
-    settings = {
-      PasswordAuthentication = false;
-      PermitRootLogin = "no";
+  services = {
+    openssh = {
+      enable = true;
+      settings = {
+        PasswordAuthentication = false;
+        PermitRootLogin = "no";
+      };
+    };
+    fail2ban = {
+      enable = true;
+      bantime = "1h";
     };
   };
 }