modularized firewall logic

modules/servers/prowlarr.nix

@@ -1,5 +1,4 @@
 {
-  pkgs,
   lib,
   config,
   ...
@@ -11,17 +10,13 @@ in
 {
   options.my.servers.prowlarr = setup.mkOptions "prowlarr" "indexer" 9696;
   config = {
-    networking.firewall.allowedTCPPorts = lib.mkIf (!cfg.isLocal) [ cfg.port ];
     users.users.prowlarr = lib.mkIf cfg.enable {
       group = "piracy";
       isSystemUser = true;
     };
     services = {
       prowlarr.enable = cfg.enable;
-      flaresolverr = {
-        inherit (cfg) enable;
-        openFirewall = true;
-      };
+      flaresolverr.enable = cfg.enable;
       nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (setup.proxyReverseFix cfg);
     };
   };