Add fail2ban jails for more services

hosts/cube/grafana.nix

@@ -8,6 +8,11 @@ in serverSystemConfiguration {
   age.secrets."cube/password.grafana".owner      = "grafana";
   age.secrets."cube/password.mail.grafana".owner = "grafana";
 
+  services.fail2ban.jails.grafana.settings = {
+    filter   = "grafana";
+    maxretry = 3;
+  };
+
   systemd.services.grafana.requires = [ "postgresql.service" ];
 
   services.grafana = enabled {

hosts/cube/mail.nix

@@ -20,6 +20,18 @@ in serverSystemConfiguration {
     }];
   }];
 
+  services.fail2ban.jails = {
+    dovecot.settings = {
+      filter   = "dovecot";
+      maxretry = 3;
+    };
+
+    postfix.settings = {
+      filter   = "postfix";
+      maxretry = 3;
+    };
+  };
+
   services.kresd.listenPlain         = lib.mkForce [ "[::]:53" "0.0.0.0:53" ];
   services.redis.servers.rspamd.bind = "0.0.0.0";
 

hosts/cube/nextcloud.nix

@@ -6,7 +6,6 @@ let
   fqdn = "cloud.${domain}";
 in serverSystemConfiguration {
   age.secrets."cube/password.nextcloud".owner      = "nextcloud";
-  age.secrets."cube/password.mail.nextcloud".owner = "nextcloud";
 
   systemd.services.nextcloud-setup.requires = [ "postgresql.service" ];
 
@@ -24,7 +23,6 @@ in serverSystemConfiguration {
     config.dbhost = "/run/postgresql";
     config.dbtype = "pgsql";
 
-    secretFile = config.age.secrets."cube/password.mail.nextcloud".path;
     extraOptions = {
       default_phone_region = "TR";