Enable firewall everywhere
This commit is contained in:
parent
f5cbfda5d1
commit
f7dc0c3986
|
@ -107,7 +107,6 @@ in
|
|||
hostName = "dacbert"; # Define your hostname.
|
||||
useDHCP = false;
|
||||
interfaces.eth0.useDHCP = true;
|
||||
firewall.enable = false;
|
||||
};
|
||||
|
||||
nix = {
|
||||
|
|
|
@ -84,7 +84,6 @@ in {
|
|||
networking.hostName = "freifunk";
|
||||
networking.useNetworkd = true;
|
||||
networking.nameservers = [ "172.20.73.8" "9.9.9.9" ];
|
||||
networking.firewall.enable = false;
|
||||
networking.nat = {
|
||||
enable = true;
|
||||
# This doesn't really work, hence the `extraCommands`
|
||||
|
|
|
@ -8,10 +8,7 @@
|
|||
mem = 1024;
|
||||
};
|
||||
|
||||
networking = {
|
||||
hostName = "gnunet";
|
||||
firewall.enable = false;
|
||||
};
|
||||
networking.hostName = "gnunet";
|
||||
|
||||
services.gnunet = {
|
||||
enable = true;
|
||||
|
|
|
@ -145,7 +145,6 @@ in
|
|||
networking = {
|
||||
hostId = "3f0c4ec4";
|
||||
hostName = "hydra";
|
||||
firewall.enable = false;
|
||||
nameservers = [ "172.20.73.8" "9.9.9.9" ];
|
||||
# nat = {
|
||||
# enable = true;
|
||||
|
|
|
@ -15,7 +15,8 @@ in
|
|||
|
||||
networking = {
|
||||
hostName = "jabber";
|
||||
firewall.allowedTCPPorts = [
|
||||
firewall = {
|
||||
allowedTCPPorts = [
|
||||
# Prosody
|
||||
5222
|
||||
5223
|
||||
|
@ -28,7 +29,7 @@ in
|
|||
3478
|
||||
3479
|
||||
];
|
||||
firewall.allowedUDPPorts = [
|
||||
allowedUDPPorts = [
|
||||
# Coturn
|
||||
3478
|
||||
3479
|
||||
|
|
|
@ -32,11 +32,7 @@ in {
|
|||
"/${export}".options = [ "relatime" "discard" ];
|
||||
}) {} nfsExports;
|
||||
|
||||
networking = {
|
||||
hostName = "nfsroot";
|
||||
|
||||
firewall.enable = false;
|
||||
};
|
||||
networking.hostName = "nfsroot";
|
||||
|
||||
system.stateVersion = "22.05";
|
||||
}
|
||||
|
|
|
@ -1,8 +1,6 @@
|
|||
{ tftproots, pkgs, ... }:
|
||||
|
||||
{
|
||||
networking.firewall.enable = false;
|
||||
|
||||
# raspberrypi boot
|
||||
services.atftpd = {
|
||||
enable = true;
|
||||
|
|
|
@ -20,10 +20,7 @@
|
|||
|
||||
system.stateVersion = "22.05";
|
||||
|
||||
networking = {
|
||||
hostName = "nncp";
|
||||
firewall.enable = false;
|
||||
};
|
||||
networking.hostName = "nncp";
|
||||
|
||||
programs.nncp = {
|
||||
enable = true;
|
||||
|
|
|
@ -98,7 +98,6 @@
|
|||
prefixLength = zentralwerk.lib.config.site.net.serv.subnet4Len;
|
||||
}];
|
||||
defaultGateway = "172.20.73.1";
|
||||
firewall.enable = false;
|
||||
nameservers = [ "172.20.73.8" "9.9.9.9" ];
|
||||
};
|
||||
|
||||
|
|
|
@ -27,7 +27,6 @@
|
|||
hostName = "rpi-netboot";
|
||||
useDHCP = false;
|
||||
interfaces.eth0.useDHCP = true;
|
||||
firewall.enable = false;
|
||||
};
|
||||
|
||||
fileSystems = {
|
||||
|
|
|
@ -28,10 +28,6 @@
|
|||
};
|
||||
|
||||
networking = {
|
||||
firewall = {
|
||||
enable = true;
|
||||
allowedTCPPorts = [ 22 ];
|
||||
};
|
||||
hostName = "server10";
|
||||
# TODO: change that to something more random
|
||||
hostId = "10101010";
|
||||
|
|
|
@ -3,15 +3,9 @@ _:
|
|||
{
|
||||
c3d2.deployment.server = "server10";
|
||||
|
||||
networking = {
|
||||
firewall.enable = false;
|
||||
hostName = "spaceapi";
|
||||
};
|
||||
networking.hostName = "spaceapi";
|
||||
|
||||
services.spaceapi.enable = true;
|
||||
|
||||
# HACK for ‘ekg-json-0.1.0.6’ nixos-22.05
|
||||
# nixpkgs.config.allowBroken = true;
|
||||
|
||||
system.stateVersion = "19.03";
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue