nixos-configuration/hosts/pi4/security/firewall.nix

{ common, ... }:

{
  networking = {
    firewall = {
      enable = true;
      allowedTCPPorts = [
        80
        443
      ];
      extraInputRules = ''
        ip saddr ${common.localIpRange} accept
      '';
    };
    nftables.enable = true;
  };
}
:recycle: [pi4] Refactor firewall with variables 2025-06-23 18:12:52 +00:00			`{ common, ... }:`

:sparkles: [pi4] Nftables firewall config, moved security.nix to security dir 2025-04-16 21:09:17 +00:00			`{`
			`networking = {`
			`firewall = {`
			`enable = true;`
:sparkles: [pi4] Added initial caddy config based on homelab 2025-05-13 21:31:29 +02:00			`allowedTCPPorts = [`
			`80`
			`443`
			`];`
:recycle: [pi4] Refactor firewall with variables 2025-06-23 18:12:52 +00:00			`extraInputRules = ''`
			`ip saddr ${common.localIpRange} accept`
			`'';`
:sparkles: [pi4] Nftables firewall config, moved security.nix to security dir 2025-04-16 21:09:17 +00:00			`};`
			`nftables.enable = true;`
			`};`
			`}`