diff --git a/nixos/services/forgejo/default.nix b/nixos/services/forgejo/default.nix index b6fd1e7..5c77e54 100644 --- a/nixos/services/forgejo/default.nix +++ b/nixos/services/forgejo/default.nix @@ -10,15 +10,9 @@ in { options.trivium.services.forgejo = { enable = mkEnableOption "forgejo settings"; - fail2ban = mkOption { - type = types.bool; - default = true; - description = "Enable fail2ban jail for failed authentication attempt, invalid credentials, attempted access of unknown user."; - }; - virtualHost = mkOption { type = types.string; - description = "Virtualhost to use for nginx's reverse proxy. Usually something likge git..com"; + description = "Virtualhost to use for nginx's reverse proxy. Usually something like git..com"; }; appName = mkOption { @@ -29,17 +23,11 @@ in { disableRegistration = mkOption { type = types.bool; default = true; - description = "Turn this off just to create the first admin account."; + description = "Turn this off just to create the first admin account"; }; }; config = mkIf cfg.enable { - environment.etc."fail2ban/filter.d/gitea.local".text = '' - [Definition] - failregex = .*(Failed authentication attempt|invalid credentials|Attempted access of unknown user).* from - ignoreregex = - ''; - services = { nginx = { virtualHosts."${cfg.virtualHost}" = { @@ -53,15 +41,6 @@ in { }; }; - fail2ban.jails.gitea.settings = mkIf cfg.fail2ban { - filter = "gitea"; - logpath = "${config.services.gitea.stateDir}/log/gitea.log"; - maxretry = "10"; - findtime = "3600"; - bantime = "900"; - action = "iptables-allports"; - }; - forgejo = { enable = true; lfs.enable = true;
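Review bot: Removing the `fail2ban` option in the first hunk, together with the jail deleted in the third hunk, leaves the Forgejo login behind the nginx virtual host with no throttling of repeated failed authentication visible in the new side. If the jail was dropped because it never matched (its `logpath` was built from `config.services.gitea.stateDir`, which is presumably not where Forgejo writes its log), the commit message should say so, and a replacement should follow: a jail pointed at Forgejo's own log or an nginx `limit_req` zone on the login route. Any host that still sets `trivium.services.forgejo.fail2ban` will now fail evaluation with an unknown-option error; an entry such as `imports = [ (lib.mkRemovedOptionModule [ "trivium" "services" "forgejo" "fail2ban" ] "the fail2ban jail was removed") ];` makes that failure readable. The context line `type = types.string;` on `virtualHost` uses a type deprecated in nixpkgs in favour of `types.str`.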
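Review bot: The `disableRegistration` description in the second hunk still reads as a double negative and does not say to switch the option back, so an operator can leave public sign-up open after bootstrapping. I would word it as `description = "Keeps public sign-up closed. Set to false only while creating the first admin account, then set it back to true";`. This matters more now that the same commit removes the failed-login filter, since an instance with open registration would have neither control. The `config = mkIf cfg.enable {` block continues outside this hunk.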