From f9e621eaaea96240f7869d691586fe235e2c6fbe Mon Sep 17 00:00:00 2001
From: Harald Hoyer <harald@hoyer.xyz>
Date: Wed, 11 Feb 2026 16:53:18 +0100
Subject: [PATCH] feat(nix): add firewall rule for HALO system

- Allowed inbound TCP traffic on port 1234 by updating firewall rules.
- Enhances connectivity for the HALO system without altering existing configurations.
---
 systems/x86_64-linux/halo/default.nix | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/systems/x86_64-linux/halo/default.nix b/systems/x86_64-linux/halo/default.nix
index 1a1115e..ac975dc 100644
--- a/systems/x86_64-linux/halo/default.nix
+++ b/systems/x86_64-linux/halo/default.nix
@@ -13,6 +13,10 @@ with lib.metacfg;
   boot.lanzaboote.pkiBundle = "/var/lib/sbctl"; 
   boot.kernelPackages = lib.mkOverride 0 pkgs.linuxPackages_latest;
 
+  networking.firewall.allowedTCPPorts = [
+    1234
+  ];
+
   systemd.tmpfiles.rules = 
   let
     rocmEnv = pkgs.symlinkJoin {