nebula: Switch to group-based firewall rules

SebastianStork 2026-02-05 23:32:52 +01:00
parent ec0d5b839e
commit dfdabfb5b1
Signed by: SebastianStork
SSH key fingerprint: SHA256:tRrGdjYOwgHxpSc/wTOZQZEjxcb15P0tyXRsbAfd+2Q
9 changed files with 39 additions and 37 deletions


@ -28,14 +28,11 @@ in
};
};
nebula.networks.mesh.firewall.inbound =
netCfg.peers
|> lib.filter (node: node.overlay.role == "client")
|> lib.map (client: {
port = 22;
proto = "tcp";
host = client.hostName;
});
nebula.networks.mesh.firewall.inbound = lib.singleton {
port = 22;
proto = "tcp";
group = "client";
};
};
systemd.services.sshd = {