diff options
| author | Gregor Kleen <gkleen@yggdrasil.li> | 2022-05-04 08:35:56 +0200 |
|---|---|---|
| committer | Gregor Kleen <gkleen@yggdrasil.li> | 2022-05-04 08:36:23 +0200 |
| commit | fd78bbb4ce5a9634e1f8c51b82ccfa958e10b45e (patch) | |
| tree | 17d5264f10faa3e967bed27976d6e1966f0a1228 /hosts/sif/default.nix | |
| parent | 14003a8016ef6572a85541010e8e0b955d4bc9cd (diff) | |
| download | nixos-fd78bbb4ce5a9634e1f8c51b82ccfa958e10b45e.tar nixos-fd78bbb4ce5a9634e1f8c51b82ccfa958e10b45e.tar.gz nixos-fd78bbb4ce5a9634e1f8c51b82ccfa958e10b45e.tar.bz2 nixos-fd78bbb4ce5a9634e1f8c51b82ccfa958e10b45e.tar.xz nixos-fd78bbb4ce5a9634e1f8c51b82ccfa958e10b45e.zip | |
sif: nftables
Diffstat (limited to 'hosts/sif/default.nix')
| -rw-r--r-- | hosts/sif/default.nix | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/hosts/sif/default.nix b/hosts/sif/default.nix index 11f74373..bcfa1e10 100644 --- a/hosts/sif/default.nix +++ b/hosts/sif/default.nix | |||
| @@ -65,13 +65,19 @@ in { | |||
| 65 | "::1" = [ "sif.yggdrasil" "sif" ]; | 65 | "::1" = [ "sif.yggdrasil" "sif" ]; |
| 66 | }; | 66 | }; |
| 67 | 67 | ||
| 68 | firewall = { | 68 | firewall.enable = false; |
| 69 | nftables = { | ||
| 69 | enable = true; | 70 | enable = true; |
| 70 | allowedTCPPorts = [ 22 # ssh | 71 | rulesetFile = ./ruleset.nft; |
| 71 | 8000 # quickserve | ||
| 72 | ]; | ||
| 73 | }; | 72 | }; |
| 74 | 73 | ||
| 74 | # firewall = { | ||
| 75 | # enable = true; | ||
| 76 | # allowedTCPPorts = [ 22 # ssh | ||
| 77 | # 8000 # quickserve | ||
| 78 | # ]; | ||
| 79 | # }; | ||
| 80 | |||
| 75 | # wlanInterfaces = { | 81 | # wlanInterfaces = { |
| 76 | # wlan0 = { | 82 | # wlan0 = { |
| 77 | # device = "wlp82s0"; | 83 | # device = "wlp82s0"; |