diff options
Diffstat (limited to 'modules/common')
| -rw-r--r-- | modules/common/default.nix | 2 | ||||
| -rw-r--r-- | modules/common/networking.nix | 7 |
2 files changed, 8 insertions, 1 deletions
diff --git a/modules/common/default.nix b/modules/common/default.nix index 4a2bfd3..ed45914 100644 --- a/modules/common/default.nix +++ b/modules/common/default.nix @@ -20,10 +20,10 @@ nixpkgs.config.allowUnfree = true; # Security - networking.firewall.enable = false; security.sudo.wheelNeedsPassword = false; services.openssh = { enable = true; + openFirewall = true; settings = { PasswordAuthentication = false; PermitRootLogin = "no"; diff --git a/modules/common/networking.nix b/modules/common/networking.nix index 63c0d89..0a7b3f7 100644 --- a/modules/common/networking.nix +++ b/modules/common/networking.nix @@ -11,6 +11,13 @@ dhcpcd.extraConfig = '' nohook resolv.conf ''; + + firewall = { + enable = true; + trustedInterfaces = ["wg0"]; + allowedTCPPorts = [ 80 443 ]; + }; + nftables.enable = true; }; systemd.services = { |