[pi4] Nftables firewall config, moved security.nix to security dir

2025-04-16 21:09:17 +00:00
parent 36ba00efc3
commit 244a029d70
3 changed files with 22 additions and 1 deletions


@ -0,0 +1,17 @@
{
networking = {
firewall = {
enable = true;
trustedInterfaces = [ "tailscale0" ];
extraInputRules =
let
localIPv4Range = "192.168.10.0/24";
in
''
ip saddr ${localIPv4Range} tcp dport 22 accept
ip saddr ${localIPv4Range} udp dport 22 accept
'';
};
nftables.enable = true;
};
}
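Review bot: The `udp dport 22` rule in `extraInputRules` opens a port that nothing in this file needs, since SSH listens on TCP only; drop that line and keep `ip saddr ${localIPv4Range} tcp dport 22 accept`. The source restriction also only holds if port 22 is not opened globally elsewhere: the sshd configuration is not part of this hunk, but `services.openssh.openFirewall` defaults to true in NixOS, which would accept SSH from any address, so it is worth setting `services.openssh.openFirewall = false;` alongside this file. A short comment above `trustedInterfaces = [ "tailscale0" ];` stating that every port is reachable from the tailnet would make that trust decision explicit for the next reader.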