Noratrieb/vps
1
0
Fork 0
mirror of https://github.com/Noratrieb/vps.git synced 2026-01-16 09:35:10 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

cleanup

Browse source
This commit is contained in:
nora 2025-08-03 16:37:18 +02:00
parent beb86b7ea9
commit a4e5e3720b
12 changed files with 134 additions and 176 deletions
Download patch file Download diff file Expand all files Collapse all files

29
nix/apps/fakessh/default.nix Normal file
View file

@ -0,0 +1,29 @@
{ lib, pkgs, my-projects-versions, ... }:
let cluelessh = import (fetchTarball "https://github.com/Noratrieb/cluelessh/archive/${my-projects-versions.cluelessh}.tar.gz");
in
{
systemd.services.fakessh = {
description = "cluelessh-faked ssh honeypot";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
serviceConfig = {
Restart = "on-failure";
RestartSec = "5s";
ExecStart = "${lib.getExe' (cluelessh {inherit pkgs;}) "cluelessh-faked" }";
# i really don't trust this.
DynamicUser = true;
AmbientCapabilities = "CAP_NET_BIND_SERVICE";
MemoryHigh = "100M";
MemoryMax = "200M";
# config
Environment = [
"FAKESSH_LISTEN_ADDR=0.0.0.0:22"
"RUST_LOG=debug"
#"FAKESSH_JSON_LOGS=1"
];
};
};
networking.firewall.allowedTCPPorts = [ 22 ];
}