aboutsummaryrefslogtreecommitdiffstats
path: root/hosts/darkstar
diff options
context:
space:
mode:
authorMark Nipper <nipsy@bitgnome.net>2024-06-12 01:55:31 -0700
committerMark Nipper <nipsy@bitgnome.net>2024-06-12 01:55:31 -0700
commit601c02330c1d7ea094974e874500b7966873739e (patch)
tree717fe0ff54d42f020545aa7db0e1ed61fc0e924e /hosts/darkstar
parent6ec606f2fa4d84468628d28cdef330dd602c9972 (diff)
downloadnix-601c02330c1d7ea094974e874500b7966873739e.tar
nix-601c02330c1d7ea094974e874500b7966873739e.tar.gz
nix-601c02330c1d7ea094974e874500b7966873739e.tar.bz2
nix-601c02330c1d7ea094974e874500b7966873739e.tar.lz
nix-601c02330c1d7ea094974e874500b7966873739e.tar.xz
nix-601c02330c1d7ea094974e874500b7966873739e.tar.zst
nix-601c02330c1d7ea094974e874500b7966873739e.zip
Actually fix the extra nftables rules
Diffstat (limited to '')
-rw-r--r--hosts/darkstar/default.nix7
1 files changed, 3 insertions, 4 deletions
diff --git a/hosts/darkstar/default.nix b/hosts/darkstar/default.nix
index 6bfc153..5208bfd 100644
--- a/hosts/darkstar/default.nix
+++ b/hosts/darkstar/default.nix
@@ -91,7 +91,6 @@
systemd.services."nftables-extra" = {
description = "nftables extra firewall rules";
- enable = true;
script = ''
${pkgs.nftables}/bin/nft -f ${config.sops.secrets."nftables/ssh".path}
'';
@@ -102,12 +101,12 @@
unitConfig = {
ConditionPathExists = config.sops.secrets."nftables/ssh".path;
};
+ wantedBy = [ "multi-user.target" ];
};
- systemd.paths."nftables-ssh" = {
- enable = true;
+ systemd.paths."nftables-extra" = {
pathConfig = {
PathExists = config.sops.secrets."nftables/ssh".path;
- Unit = "nftables-extra.service";
};
+ wantedBy = [ "multi-user.target" ];
};
}