Setup SSH tarpit with prometheus integration.

2024-06-06 20:45:08 +08:00 · 2024-06-06 20:45:08 +08:00 · 45d22ff08c
parent 6c290fa729
commit 45d22ff08c
1 changed files with 30 additions and 0 deletions
--- a/nixos/viridian/services/endlessh-go.nix
+++ b/nixos/viridian/services/endlessh-go.nix
@ -0,0 +1,30 @@
+{ config, ... }:
+
+{
+  services.endlessh-go = {
+    enable = true;
+    port = 22;  # SSH port
+    prometheus = {
+      enable = true;
+      listenAddress = "127.0.0.1";
+      port = 2112; # Prometheus metrics port
+    };
+    extraOptions = [
+      "-interval_ms=1000"
+      "-logtostderr"
+      "-v=1"
+      "-geoip_supplier=ip-api"
+    ];
+    openFirewall = true;
+  };
+
+  services.prometheus.scrapeConfigs = [
+    {
+      job_name = "endlessh";
+      static_configs = [{
+        targets = [ "127.0.0.1:${toString config.services.endlessh-go.prometheus.port}" ];
+      }];
+    }
+  ];
+}
+