author | tv <tv@shackspace.de> | 2015-06-22 15:24:09 +0200 |
---|---|---|
committer | tv <tv@shackspace.de> | 2015-06-22 15:24:09 +0200 |
commit | 53305dc496f7f15504a8ef2f1f9511fb0b2f78ab (patch) | |
tree | 273daca78a42d1f8d8ef4bd5ef6ea33598bfc618 /modules/rmdir/default.nix | |
parent | 1538630782ac8c56d549af4fcac4c9abcba8c9c5 (diff) |
tv: modularize iptables configuration
Diffstat (limited to 'modules/rmdir/default.nix')
-rw-r--r-- | modules/rmdir/default.nix | 17 |
1 files changed, 16 insertions, 1 deletions
diff --git a/modules/rmdir/default.nix b/modules/rmdir/default.nix
index e514e5dad..9879fadfa 100644
--- a/modules/rmdir/default.nix
+++ b/modules/rmdir/default.nix
@@ -8,7 +8,6 @@ in
 imports = [
 <secrets/hashedPasswords.nix>
- ./iptables.nix
 ./networking.nix
 ./users.nix
 ../common/nixpkgs.nix
@@ -18,6 +17,22 @@ in
 ../tv/git/public.nix
 ../tv/retiolum.nix
 ../tv/sanitize.nix
+ {
+ imports = [ ../tv/iptables ];
+ tv.iptables = {
+ enable = true;
+ input-internet-accept-new-tcp = [
+ "ssh"
+ "tinc"
+ "smtp"
+ "xmpp-client"
+ "xmpp-server"
+ ];
+ input-retiolum-accept-new-tcp = [
+ "http"
+ ];
+ };
+ }
 ];
 nix.maxJobs = 1; |
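Review bot: The `input-internet-accept-new-tcp` list in the second hunk opens five services to the internet by name only, and only for TCP, so nothing here shows whether tinc's UDP traffic or the default-drop policy from the removed `./iptables.nix` is still covered; both depend on `../tv/iptables`, which is outside this hunk. It would help to compare the generated ruleset on rmdir with the previous one before deploying, since a gap in either direction (a port left closed, or a chain left without a final drop) is silent. The service names are presumably resolved to ports by the module or by iptables itself, so a comment such as `# names resolve via /etc/services: ssh=22, smtp=25, tinc=655, xmpp-client=5222, xmpp-server=5269` above the list would make the exposed surface reviewable at a glance. Because `<secrets/hashedPasswords.nix>` is imported in the same file, it is also worth confirming that the internet-facing `ssh` entry is paired with key-only authentication.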