From 1f0101786a8c3eb9767132bf5317672b3cf9d16c Mon Sep 17 00:00:00 2001
From: Gregor Kleen <gkleen@yggdrasil.li>
Date: Mon, 13 Dec 2021 18:05:08 +0100
Subject: surtr: nftables

---
 hosts/surtr/default.nix | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'hosts/surtr/default.nix')

diff --git a/hosts/surtr/default.nix b/hosts/surtr/default.nix
index 028ae832..61d28f22 100644
--- a/hosts/surtr/default.nix
+++ b/hosts/surtr/default.nix
@@ -64,6 +64,12 @@
         ];
       };
 
+      firewall.enable = false;
+      nftables = {
+        enable = true;
+        rulesetFile = ./ruleset.nft;
+      };
+
       firewall = {
         enable = true;
         allowPing = true;
-- 
cgit v1.2.3