♻️ [pi4] Refactor firewall with variables

2025-06-23 18:12:52 +00:00
parent 5704ebe712
commit 763ee6312a
2 changed files with 6 additions and 8 deletions
--- a/hosts/pi4/security/firewall.nix
+++ b/hosts/pi4/security/firewall.nix
@ -1,3 +1,5 @@
+{ common, ... }:
+
 {
  networking = {
    firewall = {
@ -6,14 +8,9 @@
        80
        443
      ];
-      trustedInterfaces = [ "tailscale0" ];
-      extraInputRules =
-        let
-          localIPv4Range = "192.168.10.0/24";
-        in
-        ''
-          ip saddr ${localIPv4Range} accept
-        '';
+      extraInputRules = ''
+        ip saddr ${common.localIpRange} accept
+      '';
    };
    nftables.enable = true;
  };