From 34bc5b19336a086e0c26c5acb633be1fb2ea12e1 Mon Sep 17 00:00:00 2001
From: Leyla Becker <git@jan-leila.com>
Date: Tue, 4 Mar 2025 21:30:45 -0600
Subject: [PATCH] added tailnet devices to fail2ban whitelist

---
 modules/nixos-modules/server/fail2ban.nix | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/modules/nixos-modules/server/fail2ban.nix b/modules/nixos-modules/server/fail2ban.nix
index 39a8fd2..2f6dc58 100644
--- a/modules/nixos-modules/server/fail2ban.nix
+++ b/modules/nixos-modules/server/fail2ban.nix
@@ -20,6 +20,10 @@ in {
           "10.0.0.0/8"
           "172.16.0.0/12"
           "192.168.0.0/16"
+
+          # tail scale tailnet
+          "100.64.0.0/10"
+          "fd7a:115c:a1e0::/48"
         ];
         bantime = "24h"; # Ban IPs for one day on the first ban
         bantime-increment = {