From 51e91003bfee520f7e458308dee5c8d078286ad0 Mon Sep 17 00:00:00 2001
From: Seongmin Lee <git@boltless.me>
Date: Fri, 24 Oct 2025 03:05:04 +0900
Subject: [PATCH] nix/modules/knot: remove firewall settings
Change-Id: qrzyzsxkvpwtzkpxuyuposrkwpuntzsu

firewall should be handled by users. this change will allow setting
non-22 ssh ports

Close: #269
Signed-off-by: Seongmin Lee <git@boltless.me>
---
 nix/modules/knot.nix | 8 --------
 1 file changed, 8 deletions(-)

diff --git a/nix/modules/knot.nix b/nix/modules/knot.nix
index dabbd396..556e8f46 100644
--- a/nix/modules/knot.nix
+++ b/nix/modules/knot.nix
@@ -32,12 +32,6 @@ in
           description = "User that hosts git repos and performs git operations";
         };
 
-        openFirewall = mkOption {
-          type = types.bool;
-          default = true;
-          description = "Open port 22 in the firewall for ssh";
-        };
-
         stateDir = mkOption {
           type = types.path;
           default = "/home/${cfg.gitUser}";
@@ -205,7 +199,5 @@ in
           Restart = "always";
         };
       };
-
-      networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [22];
     };
   }
-- 
2.43.0