tv: modularize iptables configuration

author: tv <tv@krebsco.de> 2015-06-22 15:24:09 +0200
committer: tv <tv@krebsco.de> 2015-06-22 15:24:09 +0200
commit: d80f9c1f7efa219f45058771d2ae319b6bfaf7a2 (patch)
tree: 273daca78a42d1f8d8ef4bd5ef6ea33598bfc618 /modules/wu/default.nix
parent: e289825b3c658f5310901a6ef6434c17e0122b47 (diff)
1 files changed, 12 insertions, 1 deletions
diff --git a/modules/wu/default.nix b/modules/wu/default.nix
index 68475ad..76e8c6b 100644
--- a/modules/wu/default.nix
+++ b/modules/wu/default.nix
@@ -9,7 +9,6 @@ in
 {
   imports = [
     ./hosts.nix
-    ./iptables.nix
     ../common/nixpkgs.nix
     ../tv/base.nix
     ../tv/exim-retiolum.nix
@@ -22,6 +21,18 @@ in
     ../tv/urxvt.nix
     ../tv/xserver.nix
     ../wu/users.nix
+    {
+      imports = [ ../tv/iptables ];
+      tv.iptables = {
+        enable = true;
+        input-internet-accept-new-tcp = [
+          "ssh"
+          "http"
+          "tinc"
+          "smtp"
+        ];
+      };
+    }
   ];
 
   nix.maxJobs = 8;
author	tv <tv@krebsco.de>	2015-06-22 15:24:09 +0200
committer	tv <tv@krebsco.de>	2015-06-22 15:24:09 +0200
commit	d80f9c1f7efa219f45058771d2ae319b6bfaf7a2 (patch)
tree	273daca78a42d1f8d8ef4bd5ef6ea33598bfc618 /modules/wu/default.nix
parent	e289825b3c658f5310901a6ef6434c17e0122b47 (diff)