sys: add exceptions for new IPv6 prefixes

author: Alejandro Soto <alejandro@34project.org> 2024-08-08 04:02:29 -0600
committer: Alejandro Soto <alejandro@34project.org> 2024-08-08 04:02:29 -0600
commit: da992b366ce234167f223a9bf25dba2dcf967af4 (patch)
tree: d70029835317a8ad6fde92c9f36eacb4ba561216 /sys
parent: 28c234a6df7a1c82c82d7e1eb6e05fa520cbe66c (diff)
2 files changed, 6 insertions, 5 deletions
diff --git a/sys/auth/openssh.nix b/sys/auth/openssh.nix
index 161fe6f..248ccc7 100644
--- a/sys/auth/openssh.nix
+++ b/sys/auth/openssh.nix
@@ -26,8 +26,8 @@ in
 
       type = with types; nullOr (submodule {
         options = {
-          address = mkOption {
-            type = str;
+          addresses = mkOption {
+            type = listOf str;
           };
 
           interface = mkOption {
@@ -103,9 +103,8 @@ in
         PasswordAuthentication = withOath; # Necesario para oath, no reemplaza a oath
       };
 
-      listenAddresses = mkIf (cfg.restrictListen != null) (singleton {
-        addr = cfg.restrictListen.address;
-      });
+      listenAddresses = mkIf (cfg.restrictListen != null)
+        (map (addr: { inherit addr; }) cfg.restrictListen.addresses);
     };
 
     users.users = {
diff --git a/sys/net/fail2ban.nix b/sys/net/fail2ban.nix
index 459fd4e..be79de5 100644
--- a/sys/net/fail2ban.nix
+++ b/sys/net/fail2ban.nix
@@ -24,7 +24,9 @@ in
       #TODO: No quemar
       ignoreIP = [
         "10.34.0.0/16"
+        "fd34:2::/64"
         "37.205.12.147"
+        "2a03:3b40:fe:3ec::1"
       ];
     };
   };
author	Alejandro Soto <alejandro@34project.org>	2024-08-08 04:02:29 -0600
committer	Alejandro Soto <alejandro@34project.org>	2024-08-08 04:02:29 -0600
commit	da992b366ce234167f223a9bf25dba2dcf967af4 (patch)
tree	d70029835317a8ad6fde92c9f36eacb4ba561216 /sys
parent	28c234a6df7a1c82c82d7e1eb6e05fa520cbe66c (diff)