Firewall?
This commit is contained in:
parent
cbe4b8619a
commit
dff621fe42
1 changed files with 19 additions and 2 deletions
|
|
@ -2,7 +2,7 @@
|
||||||
lib,
|
lib,
|
||||||
# outputs,
|
# outputs,
|
||||||
# config,
|
# config,
|
||||||
# pkgs,
|
pkgs,
|
||||||
...
|
...
|
||||||
}: let
|
}: let
|
||||||
# NOTE: I could turn this into a cool NixOS module?
|
# NOTE: I could turn this into a cool NixOS module?
|
||||||
|
|
@ -181,10 +181,15 @@ in {
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
environment.systemPackages = with pkgs; [
|
||||||
|
wpa_supplicant
|
||||||
|
];
|
||||||
|
|
||||||
networking = {
|
networking = {
|
||||||
hostName = "router";
|
hostName = "router";
|
||||||
domain = "h.lyte.dev";
|
domain = "h.lyte.dev";
|
||||||
useDHCP = false;
|
useDHCP = false;
|
||||||
|
wireless.enable = true;
|
||||||
|
|
||||||
# useDHCP = true;
|
# useDHCP = true;
|
||||||
# nat.enable = true; # TODO: maybe replace some of the nftables stuff with this module?
|
# nat.enable = true; # TODO: maybe replace some of the nftables stuff with this module?
|
||||||
|
|
@ -198,7 +203,7 @@ in {
|
||||||
ff02::2 ip6-allrouters
|
ff02::2 ip6-allrouters
|
||||||
'';
|
'';
|
||||||
|
|
||||||
firewall.enable = false;
|
firewall.enable = true;
|
||||||
firewall.allowedTCPPorts = [
|
firewall.allowedTCPPorts = [
|
||||||
2201
|
2201
|
||||||
22
|
22
|
||||||
|
|
@ -356,6 +361,18 @@ in {
|
||||||
|
|
||||||
systemd.network = {
|
systemd.network = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
networks = {
|
||||||
|
wan = {
|
||||||
|
networkConfig = {
|
||||||
|
DHCP = "yes";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
lan = {
|
||||||
|
networkConfig = {
|
||||||
|
DHCP = "yes";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
links = {
|
links = {
|
||||||
"10-${wan_if}" = {
|
"10-${wan_if}" = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue