From 205f85271b9747278427b766077f8fce22510d4e Mon Sep 17 00:00:00 2001
From: jasmine <its.jassy@pm.me>
Date: Thu, 28 Nov 2024 22:23:04 +0800
Subject: [PATCH] enable whitelist for ipv4 ranges

---
 nixos/viridian/services/crowdsec/default.nix | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/nixos/viridian/services/crowdsec/default.nix b/nixos/viridian/services/crowdsec/default.nix
index 691c394..3df8bd5 100644
--- a/nixos/viridian/services/crowdsec/default.nix
+++ b/nixos/viridian/services/crowdsec/default.nix
@@ -95,6 +95,24 @@ in {
     ];
   };
 
+  environment.etc = {
+    "/crowdsec/parsers/s02-enrich/whitelist.yaml" = {
+      text = ''
+        name: "sajenim/whitelist"
+        description: "Whitelist events from my ipv4 addresses"
+        whitelist:
+          reason: "my ipv4 ranges"
+          ip:
+            - "127.0.0.1"
+          cidr:
+            - "192.168.0.0/16"
+            - "10.0.0.0/8"
+            - "172.16.0.0/12"
+      '';
+      mode = "0755";
+    };
+  };
+
   environment.persistence."/persist" = {
     directories = [
       {