public
/
nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

nixos/fail2ban: update serviceConfig

This commit is contained in:
Izorkin 2019-12-02 16:25:18 +03:00
parent 182012ef43
commit a55be8d794
1 changed files with 2 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
nixos/modules/services/security/fail2ban.nix
View File

@ -139,19 +139,15 @@ in
path = [ cfg.package cfg.packageFirewall pkgs.iproute ]; path = [ cfg.package cfg.packageFirewall pkgs.iproute ];
preStart = ''
mkdir -p /var/lib/fail2ban
'';
unitConfig.Documentation = "man:fail2ban(1)"; unitConfig.Documentation = "man:fail2ban(1)";
serviceConfig = { serviceConfig = {
Type = "forking";
ExecStart = "${cfg.package}/bin/fail2ban-server -xf start"; ExecStart = "${cfg.package}/bin/fail2ban-server -xf start";
ExecStop = "${cfg.package}/bin/fail2ban-server stop"; ExecStop = "${cfg.package}/bin/fail2ban-server stop";
ExecReload = "${cfg.package}/bin/fail2ban-server reload"; ExecReload = "${cfg.package}/bin/fail2ban-server reload";
Type = "simple";
Restart = "on-failure";
PIDFile = "/run/fail2ban/fail2ban.pid"; PIDFile = "/run/fail2ban/fail2ban.pid";
Restart = "always";
ReadOnlyDirectories = "/"; ReadOnlyDirectories = "/";
ReadWriteDirectories = "/run/fail2ban /var/tmp /var/lib"; ReadWriteDirectories = "/run/fail2ban /var/tmp /var/lib";