♻️ [pi4] Refactor firewall with variables

hosts/pi4/security/firewall.nix

@@ -1,3 +1,5 @@
+{ common, ... }:
+
 {
   networking = {
     firewall = {
@@ -6,14 +8,9 @@
         80
         443
       ];
-      trustedInterfaces = [ "tailscale0" ];
-      extraInputRules =
-        let
-          localIPv4Range = "192.168.10.0/24";
-        in
-        ''
-          ip saddr ${localIPv4Range} accept
-        '';
+      extraInputRules = ''
+        ip saddr ${common.localIpRange} accept
+      '';
     };
     nftables.enable = true;
   };

shared/common.nix

@@ -16,6 +16,7 @@ rec {
   domain = "martials.no";
   tailnetDomain = "dns.${domain}";
   localIpPrefix = "192.168.10.";
+  localIpRange = "${localIpPrefix}0/24";
   localIpAddr = subAddr: "${localIpPrefix}${builtins.toString subAddr}";
   tailnetAddr = host: "${host}.${tailnetDomain}";