soopy.moe / gensokyo
nixos config
fork atom
gensokyo / global / programs / security / firewall.nix
at main 315 B view raw
1{ ... }: 2{ 3 imports = [ 4 ./ip-bans.nix 5 ]; 6 7 networking.firewall = { 8 enable = true; 9 10 # this was never needed because ts has been bypassing the firewall anyways. (by being higher on the list.) 11 # trustedInterfaces = [ 12 # "tailscale0" 13 # ]; 14 }; 15 16 # services.openssh.openFirewall = false; 17}