pegasust
/
dotfiles
1
0
Fork 0
Code Issues 6 Pull Requests Projects Releases Wiki Activity

sys-nix even stricter networking disable

nix-components
pegasust 2022-11-25 20:43:31 -07:00
parent b15dce795c
commit 6b832e1769
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
system-nix/configuration.nix
View File

@ -90,7 +90,7 @@ with lib;
# Don't touch networking.firewall.enable, just configure everything else. # Don't touch networking.firewall.enable, just configure everything else.
# inherit networking; # inherit networking;
networking = networking // { networking = networking // {
firewall = { firewall = (networking.firewall.enable and {
trustedInterfaces = networking.firewall.trustedInterfaces or [ ] ++ [ trustedInterfaces = networking.firewall.trustedInterfaces or [ ] ++ [
"tailscale0" "tailscale0"
]; ];
@ -105,7 +105,7 @@ with lib;
]; ];
checkReversePath = "loose"; checkReversePath = "loose";
}; }) or {};
}; };
} }