diff --git a/common/default.nix b/common/default.nix index c1935e7..9a0b251 100644 --- a/common/default.nix +++ b/common/default.nix @@ -7,6 +7,7 @@ in { ../modules ./users.nix (sources.home-manager + "/nixos") + (sources.pbb-nixfiles + "/modules/nftables") ]; boot.kernelPackages = lib.mkDefault pkgs.linuxPackages_latest; @@ -77,4 +78,6 @@ in { services.nginx.appendHttpConfig = '' access_log off; ''; + + petabyte.nftables.enable = true; } diff --git a/hosts/hainich/services/codimd.nix b/hosts/hainich/services/codimd.nix index 55ed5dd..c60f2df 100644 --- a/hosts/hainich/services/codimd.nix +++ b/hosts/hainich/services/codimd.nix @@ -7,7 +7,7 @@ localAddress = "192.168.100.3"; autoStart = true; config = { config, lib, pkgs, ... }: { - networking.firewall.allowedTCPPorts = [ 3000 ]; + networking.firewall.enable = false; services.coredns = { enable = true; config = '' diff --git a/hosts/hainich/services/lantifa.nix b/hosts/hainich/services/lantifa.nix index 06746af..4fd1eed 100644 --- a/hosts/hainich/services/lantifa.nix +++ b/hosts/hainich/services/lantifa.nix @@ -11,7 +11,7 @@ in { config = {config, pkgs, ... }: { networking.hosts."::1" = [ "wiki.lantifa.org" ]; - networking.firewall.allowedTCPPorts = [ 80 ]; + networking.firewall.enable = false; users.users.mediawiki.extraGroups = [ "keys" ]; services.mediawiki = { diff --git a/nix/sources.json b/nix/sources.json index 3c43a43..9cadc80 100644 --- a/nix/sources.json +++ b/nix/sources.json @@ -67,5 +67,11 @@ "type": "tarball", "url": "https://github.com/hexchen/nixpkgs/archive/b5f7683f8d7f99186dd4232f233d17ce1abd4e17.tar.gz", "url_template": "https://github.com///archive/.tar.gz" + }, + "pbb-nixfiles": { + "ref": "main", + "repo": "https://git.petabyte.dev/petabyteboy/nixfiles.git", + "rev": "0720c5dba283d782f2f887bf97aad339137d95dc", + "type": "git" } }