diff --git a/hetzner-vpn1.nix b/hetzner-vpn1.nix index b6a9e56..c534929 100644 --- a/hetzner-vpn1.nix +++ b/hetzner-vpn1.nix @@ -9,7 +9,6 @@ config = { my = { enabledUsers = []; - server.enable = true; tailscale.enable = true; }; @@ -64,15 +63,6 @@ }; }; - networking.firewall = { - checkReversePath = "loose"; - allowedTCPPortRanges = [ - { - from = 5000; - to = 5005; - } - ]; - allowedTCPPorts = [80 443]; - }; + networking.firewall.allowedTCPPorts = [80 443]; }; } diff --git a/modules/default.nix b/modules/default.nix index b6f047d..f794bcf 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -4,7 +4,6 @@ modulesCfg: {lib, ...}: { ./i18n.nix ./nixpkgs.nix ./globalinstalls.nix - ./server.nix ./sshd.nix ./tailscale.nix ./buildtools.nix @@ -17,5 +16,10 @@ modulesCfg: {lib, ...}: { config = { my.modulesCfg = modulesCfg; + + networking.firewall = { + enable = true; + checkReversePath = "loose"; + }; }; } diff --git a/modules/desktop/default.nix b/modules/desktop/default.nix index 8b01ac2..005a210 100644 --- a/modules/desktop/default.nix +++ b/modules/desktop/default.nix @@ -59,7 +59,6 @@ in { networkmanager.enable = true; firewall = { - enable = true; allowedTCPPortRanges = [ { # KDE Connect / gsconnect diff --git a/modules/desktop/gaming.nix b/modules/desktop/gaming.nix index a8715a8..5015ca2 100644 --- a/modules/desktop/gaming.nix +++ b/modules/desktop/gaming.nix @@ -41,12 +41,9 @@ in { }; }; - networking.firewall.allowedUDPPortRanges = [ - { - # Factorio - from = 34197; - to = 34197; - } + networking.firewall.allowedUDPPorts = [ + # Factorio + 34197 ]; my.allowUnfreePackages = [ diff --git a/modules/server.nix b/modules/server.nix deleted file mode 100644 index 2fb6e40..0000000 --- a/modules/server.nix +++ /dev/null @@ -1,20 +0,0 @@ -{ - config, - pkgs, - lib, - ... -}: let - cfg = config.my.server; -in { - options.my.server = { - enable = lib.mkEnableOption "server role"; - }; - - config = lib.mkIf cfg.enable { - networking.firewall = { - enable = true; - allowedTCPPortRanges = [ - ]; - }; - }; -}