jawz/NixOS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

rearranged firewall config

Browse Source
This commit is contained in:
Danilo Reyes 2023-08-28 20:35:16 -06:00
parent c8f851127a
commit 811068a7c1
1 changed files with 23 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
configuration.org
View File

@ -38,16 +38,6 @@ other functions.
#+begin_src nix #+begin_src nix
{ config, pkgs, ... }: { config, pkgs, ... }:
let let
open_firewall_ports = [
80 # http
443 # https
6969 # HentaiAtHome
25152 # ssh
49494 # gerbera
];
open_firewall_port_ranges = [
{ from = 1714; to = 1764; } # kdeconnect
];
VERSION = "23.05"; VERSION = "23.05";
# "https://github.com/nix-community/home-manager/archive/master.tar.gz"; # "https://github.com/nix-community/home-manager/archive/master.tar.gz";
unstable_tarball = builtins.fetchTarball unstable_tarball = builtins.fetchTarball
@ -1043,10 +1033,29 @@ Open ports in the firewall.
=TIP= list what app a port belongs to in a table. =TIP= list what app a port belongs to in a table.
#+begin_src nix #+begin_src nix
networking.firewall.allowedTCPPorts = open_firewall_ports; networking = {
networking.firewall.allowedUDPPorts = open_firewall_ports; # useDHCP = false;
networking.firewall.allowedTCPPortRanges = open_firewall_port_ranges; # interfaces.enp0s31f6.useDHCP = true;
networking.firewall.allowedUDPPortRanges = open_firewall_port_ranges; firewall = let
open_firewall_ports = [
80 # http
443 # https
6969 # HentaiAtHome
25152 # ssh
49494 # gerbera
8086 8920 # jellyfin
];
open_firewall_port_ranges = [
{ from = 1714; to = 1764; } # kdeconnect
];
in
{
allowedTCPPorts = open_firewall_ports;
allowedUDPPorts = open_firewall_ports;
allowedTCPPortRanges = open_firewall_port_ranges;
allowedUDPPortRanges = open_firewall_port_ranges;
};
};
# networking.firewall.enable = false; # networking.firewall.enable = false;
#+end_src #+end_src