mirror of
https://github.com/foo-dogsquared/nixos-config.git
synced 2025-01-31 10:58:02 +00:00
23 lines
434 B
Nix
23 lines
434 B
Nix
{ config, lib, pkgs, ... }:
|
|
|
|
let
|
|
hostCfg = config.hosts.plover;
|
|
cfg = hostCfg.services.firewall;
|
|
in
|
|
{
|
|
options.hosts.plover.services.firewall.enable = lib.mkEnableOption "firewall setup";
|
|
|
|
config = lib.mkIf cfg.enable {
|
|
networking = {
|
|
nftables.enable = true;
|
|
firewall = {
|
|
enable = true;
|
|
|
|
# Secure Shells
|
|
allowedTCPPorts = [ 22 ];
|
|
allowedUDPPorts = [ 22 ];
|
|
};
|
|
};
|
|
};
|
|
}
|