sokai/mynixos-config
1
1
Fork 0
forked from mirrors_public/oddlama_nix-config
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat: automatically generate allowedTCPPorts for mdns enabled

Browse source 
interfaces; simplify nftables rules by adding a general untrusted zone
This commit is contained in:
oddlama 2023-05-27 01:59:28 +02:00
parent e37601b486
commit 41df399bb6
No known key found for this signature in database
GPG key ID: 14EFE510775FE39A
14 changed files with 231 additions and 168 deletions
Download patch file Download diff file Expand all files Collapse all files

12
hosts/nom/net.nix
View file

@ -1,4 +1,8 @@
{config, ...}: {
{
config,
lib,
...
}: {
networking = {
inherit (config.repo.secrets.local.networking) hostId;
wireless.iwd.enable = true;
@ -31,4 +35,10 @@
dhcpV6Config.RouteMetric = 40;
};
};
networking.nftables.firewall = {
zones = lib.mkForce {
untrusted.interfaces = ["lan1" "wlan1"];
};
};
}