hektor
/
nix
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Improve NixOS default firewall declaration

main
Hektor Misplon 2025-11-10 21:46:08 +01:00
parent cf18dcdb67
commit 3c385724d0
2 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
hosts/vm/configuration.nix
View File

@ -1,4 +1,4 @@
{ pkgs, ... }: { ... }:
{ {
system.stateVersion = "25.05"; system.stateVersion = "25.05";
@ -51,6 +51,7 @@
services.qemuGuest.enable = true; services.qemuGuest.enable = true;
services.spice-vdagentd.enable = true; services.spice-vdagentd.enable = true;
networking.firewall.allowedTCPPorts = [ 22 ];
services.openssh = { services.openssh = {
enable = true; enable = true;
harden = true; harden = true;

6
modules/networking.nix
View File

@ -7,8 +7,8 @@
enable = true; enable = true;
}; };
}; };
networking.firewall = { networking = {
enable = true; nftables.enable = true;
allowedTCPPorts = [ 22 ]; firewall.enable = true;
}; };
} }