diff options
| author | Martin Fischer <martin@push-f.com> | 2024-12-13 07:55:21 +0100 |
|---|---|---|
| committer | Martin Fischer <martin@push-f.com> | 2024-12-15 18:09:46 +0100 |
| commit | cd1471871c1719f666d2971754d2ec7af25a2859 (patch) | |
| tree | 0ec08f0fe993b6e021cd959693ecc28fa3b0f351 | |
| parent | a827eee040ef62c3939c0b6952cd4ddd1a28702c (diff) | |
refactor: move firewall config up
| -rw-r--r-- | nixos/tente-configuration.nix | 13 |
1 files changed, 7 insertions, 6 deletions
diff --git a/nixos/tente-configuration.nix b/nixos/tente-configuration.nix index 334089f..8254fb0 100644 --- a/nixos/tente-configuration.nix +++ b/nixos/tente-configuration.nix @@ -61,6 +61,13 @@ # enableSSHSupport = true; # }; + # Open ports in the firewall. + networking.firewall.allowedTCPPorts = [ + # Enabling openssh automatically opens its port in the firewall. + # For all other services we need to manually list the ports here. + ]; + networking.firewall.allowedUDPPorts = []; + # List services that you want to enable: # Enable the OpenSSH daemon. @@ -73,12 +80,6 @@ dataDir = "/srv/gitolite"; }; - # Open ports in the firewall. - # networking.firewall.allowedTCPPorts = [ ... ]; - # networking.firewall.allowedUDPPorts = [ ... ]; - # Or disable the firewall altogether. - # networking.firewall.enable = false; - # Copy the NixOS configuration file and link it from the resulting system # (/run/current-system/configuration.nix). This is useful in case you # accidentally delete configuration.nix. |