nixos-config/configs/nixos/plover/modules/services/firewall.nix

{ config, lib, pkgs, ... }:

let
  hostCfg = config.hosts.plover;
  cfg = hostCfg.services.firewall;
in
{
  options.hosts.plover.services.firewall.enable = lib.mkEnableOption "firewall setup";

  config = lib.mkIf cfg.enable {
    networking = {
      nftables.enable = true;
      domain = "foodogsquared.one";
      firewall = {
        enable = true;
        allowedTCPPorts = [
          22 # Secure Shells.
        ];
      };
    };
  };
}
hosts/plover: try out host-specific module structure 2023-12-11 08:30:00 +00:00			`{ config, lib, pkgs, ... }:`

			`let`
			`hostCfg = config.hosts.plover;`
			`cfg = hostCfg.services.firewall;`
			`in`
			`{`
			`options.hosts.plover.services.firewall.enable = lib.mkEnableOption "firewall setup";`

			`config = lib.mkIf cfg.enable {`
			`networking = {`
			`nftables.enable = true;`
			`domain = "foodogsquared.one";`
			`firewall = {`
			`enable = true;`
			`allowedTCPPorts = [`
			`22 # Secure Shells.`
			`];`
			`};`
			`};`
			`};`
			`}`