64 lines
1.2 KiB
Nix
64 lines
1.2 KiB
Nix
{
|
|
universal.modules = [
|
|
({
|
|
networking.firewall.enable = true;
|
|
networking.nftables.enable = true;
|
|
})
|
|
({
|
|
networking.firewall.interfaces.wg0 = {
|
|
allowedTCPPorts = [
|
|
6703
|
|
];
|
|
allowedUDPPorts = [
|
|
6703
|
|
];
|
|
};
|
|
})
|
|
];
|
|
|
|
fructose.modules = [
|
|
{
|
|
networking.firewall = {
|
|
allowedUDPPorts = [];
|
|
allowedTCPPorts = [
|
|
3000 # forgejo http
|
|
222 # forgejo ssh
|
|
];
|
|
};
|
|
}
|
|
];
|
|
|
|
glucose.modules = [
|
|
{
|
|
networking.firewall = {
|
|
allowedTCPPorts = [
|
|
64738 # murmur tcp
|
|
6700 # grafana
|
|
6750 # prometheus
|
|
];
|
|
allowedUDPPorts = [
|
|
64738 # murmur udp
|
|
6700 # grafana
|
|
6750 # prometheus
|
|
];
|
|
};
|
|
}
|
|
];
|
|
|
|
aspartame.modules = [
|
|
{
|
|
services.fail2ban.enable = true;
|
|
networking.firewall = {
|
|
interfaces.eth0.allowedTCPPorts = [
|
|
80 # http
|
|
222 # forgejo ssh
|
|
443 # https
|
|
64738 # murmur tcp
|
|
];
|
|
interfaces.eth0.allowedUDPPorts = [
|
|
64738 # murmur udp
|
|
];
|
|
};
|
|
}
|
|
];
|
|
}
|