I want to set the mode for the sshd jail to aggressive. Is there a way to extend this built-in jail without redeclaring it entirely in services.fail2ban.jails? Since the sshd jail comes with NixOS I was expecting it to be configurable declaratively.
An alternative I see is setting mode for all jails in services.fail2ban.extraSettings but I only want to set it for sshd at this time.
This does not work unfortunately. The result is that only this one line is added to the jail configuration instead of being appended to the other lines.