diff options
author | Gregor Kleen <gkleen@yggdrasil.li> | 2022-05-04 08:35:56 +0200 |
---|---|---|
committer | Gregor Kleen <gkleen@yggdrasil.li> | 2022-05-04 08:36:23 +0200 |
commit | fd78bbb4ce5a9634e1f8c51b82ccfa958e10b45e (patch) | |
tree | 17d5264f10faa3e967bed27976d6e1966f0a1228 /hosts/sif/default.nix | |
parent | 14003a8016ef6572a85541010e8e0b955d4bc9cd (diff) | |
download | nixos-fd78bbb4ce5a9634e1f8c51b82ccfa958e10b45e.tar nixos-fd78bbb4ce5a9634e1f8c51b82ccfa958e10b45e.tar.gz nixos-fd78bbb4ce5a9634e1f8c51b82ccfa958e10b45e.tar.bz2 nixos-fd78bbb4ce5a9634e1f8c51b82ccfa958e10b45e.tar.xz nixos-fd78bbb4ce5a9634e1f8c51b82ccfa958e10b45e.zip |
sif: nftables
Diffstat (limited to 'hosts/sif/default.nix')
-rw-r--r-- | hosts/sif/default.nix | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/hosts/sif/default.nix b/hosts/sif/default.nix index 11f74373..bcfa1e10 100644 --- a/hosts/sif/default.nix +++ b/hosts/sif/default.nix | |||
@@ -65,13 +65,19 @@ in { | |||
65 | "::1" = [ "sif.yggdrasil" "sif" ]; | 65 | "::1" = [ "sif.yggdrasil" "sif" ]; |
66 | }; | 66 | }; |
67 | 67 | ||
68 | firewall = { | 68 | firewall.enable = false; |
69 | nftables = { | ||
69 | enable = true; | 70 | enable = true; |
70 | allowedTCPPorts = [ 22 # ssh | 71 | rulesetFile = ./ruleset.nft; |
71 | 8000 # quickserve | ||
72 | ]; | ||
73 | }; | 72 | }; |
74 | 73 | ||
74 | # firewall = { | ||
75 | # enable = true; | ||
76 | # allowedTCPPorts = [ 22 # ssh | ||
77 | # 8000 # quickserve | ||
78 | # ]; | ||
79 | # }; | ||
80 | |||
75 | # wlanInterfaces = { | 81 | # wlanInterfaces = { |
76 | # wlan0 = { | 82 | # wlan0 = { |
77 | # device = "wlp82s0"; | 83 | # device = "wlp82s0"; |