From 45d22ff08c5d3ac85ac5db2f10ab139e87c3f9e0 Mon Sep 17 00:00:00 2001
From: jasmine <its.jassy@pm.me>
Date: Thu, 6 Jun 2024 20:45:08 +0800
Subject: [PATCH] Setup SSH tarpit with prometheus integration.

---
 nixos/viridian/services/endlessh-go.nix | 30 +++++++++++++++++++++++++
 1 file changed, 30 insertions(+)
 create mode 100644 nixos/viridian/services/endlessh-go.nix

diff --git a/nixos/viridian/services/endlessh-go.nix b/nixos/viridian/services/endlessh-go.nix
new file mode 100644
index 0000000..dcbe0e3
--- /dev/null
+++ b/nixos/viridian/services/endlessh-go.nix
@@ -0,0 +1,30 @@
+{ config, ... }:
+
+{
+  services.endlessh-go = {
+    enable = true;
+    port = 22;  # SSH port
+    prometheus = {
+      enable = true;
+      listenAddress = "127.0.0.1";
+      port = 2112; # Prometheus metrics port
+    };
+    extraOptions = [
+      "-interval_ms=1000"
+      "-logtostderr"
+      "-v=1"
+      "-geoip_supplier=ip-api"
+    ];
+    openFirewall = true;
+  };
+
+  services.prometheus.scrapeConfigs = [
+    {
+      job_name = "endlessh";
+      static_configs = [{
+        targets = [ "127.0.0.1:${toString config.services.endlessh-go.prometheus.port}" ];
+      }];
+    }
+  ];
+}
+