Harald Hoyer
1dde4c769e
Add ports 80 and 443 to the list of allowed TCP ports in the firewall configuration. This change ensures that HTTP and HTTPS traffic can pass through, which is essential for web services to operate correctly.
# NixOS module: network and firewall settings for the host "sgx".
# systemd-networkd manages a bridge (br0) with the wired interface attached
# to it; NetworkManager, dhcpcd and wpa_supplicant are all switched off.
{
  pkgs,
  lib,
  config,
  ...
}:
{
  networking = {
    hostName = "sgx";

    # No global DHCP here; the "10-br0" network unit below enables DHCP itself.
    useDHCP = false;
    # domain = "fritz.box";

    # networkd is the only network manager on this host.
    wireless.enable = false; # no wpa_supplicant-based wireless
    networkmanager.enable = false;
    dhcpcd.enable = false;

    firewall = {
      # NOTE(review): these lists are not tied to an interface, so every port
      # is open on whatever interface the host has. If a second interface is
      # ever added, `networking.firewall.interfaces.<name>.allowedTCPPorts`
      # can scope the rules to br0 only.
      allowedTCPPorts = [
        # HTTP and HTTPS for the web services served from this host.
        80
        443
        # NOTE(review): 8384 is Syncthing's default GUI/REST port; presumably
        # Syncthing runs here (confirm). With the port open, the GUI is
        # reachable from the network whenever it listens on a non-loopback
        # address, so it should have authentication and TLS enabled, or the
        # rule should be dropped in favour of access through an SSH tunnel.
        8384
        # 22000 matches Syncthing's default sync port (see also UDP below).
        22000
        # AFP file sharing; read from the service config so the rule follows
        # the port netatalk is configured with.
        config.services.netatalk.port
      ];
      allowedUDPPorts = [
        # Match Syncthing's defaults: 22000 for sync, 21027 for local
        # discovery announcements (assumed to be Syncthing; confirm).
        22000
        21027
      ];
      # Answer ICMP echo requests.
      allowPing = true;
    };
  };

  # services.nscd.enableNsncd = false;
  # systemd.services."systemd-networkd".environment.SYSTEMD_LOG_LEVEL = "debug";

  systemd.network = {
    enable = true;
    # wait-online.anyInterface = true;

    # The bridge device itself, with a fixed MAC address.
    netdevs."br0" = {
      netdevConfig = {
        Name = "br0";
        Kind = "bridge";
        MACAddress = "20:7b:d5:1a:36:3e";
      };
    };

    networks = {
      # Addressing lives on the bridge: DHCP is enabled, and the link counts
      # as online only once it is routable with both IPv4 and IPv6.
      "10-br0" = {
        matchConfig.Name = "br0";
        DHCP = "yes";
        linkConfig = {
          RequiredForOnline = "routable";
          RequiredFamilyForOnline = "both";
        };
      };

      # The physical interface is only a bridge port, so it counts as online
      # as soon as it is enslaved to br0.
      "11-en" = {
        matchConfig.Name = "enp0s20f0u2u1";
        linkConfig.RequiredForOnline = "enslaved";
        networkConfig = {
          Bridge = "br0";
        };
      };
    };
  };
}