mirror of
https://github.com/Noratrieb/vps.git
synced 2026-01-14 16:55:00 +01:00
30 lines
831 B
Nix
30 lines
831 B
Nix
{ lib, pkgs, my-projects-versions, ... }:
|
|
let
|
|
cluelessh = import (pkgs.fetchFromGitHub my-projects-versions.cluelessh.fetchFromGitHub);
|
|
in
|
|
{
|
|
systemd.services.fakessh = {
|
|
description = "cluelessh-faked ssh honeypot";
|
|
wantedBy = [ "multi-user.target" ];
|
|
after = [ "network.target" ];
|
|
serviceConfig = {
|
|
Restart = "on-failure";
|
|
RestartSec = "5s";
|
|
ExecStart = "${lib.getExe' (cluelessh {inherit pkgs;}) "cluelessh-faked" }";
|
|
|
|
# i really don't trust this.
|
|
DynamicUser = true;
|
|
AmbientCapabilities = "CAP_NET_BIND_SERVICE";
|
|
MemoryHigh = "100M";
|
|
MemoryMax = "200M";
|
|
|
|
# config
|
|
Environment = [
|
|
"FAKESSH_LISTEN_ADDR=0.0.0.0:22"
|
|
"RUST_LOG=debug"
|
|
#"FAKESSH_JSON_LOGS=1"
|
|
];
|
|
};
|
|
};
|
|
networking.firewall.allowedTCPPorts = [ 22 ];
|
|
}
|