{ common, ... }:

{
  networking = {
    firewall = {
      enable = true;
      allowedTCPPorts = [
        80
        443
      ];
      extraInputRules = ''
        ip saddr ${common.localIpRange} accept
      '';
    };
    nftables.enable = true;
  };
}