Close SSH through firewall by default

author: Mark Nipper <nipsy@bitgnome.net> 2024-07-16 09:01:17 -0700
committer: Mark Nipper <nipsy@bitgnome.net> 2024-07-16 09:01:17 -0700
commit: 04a5481eae0379165dcfc4b6ca70ef66d1d33d62 (patch)
tree: 55960aa30bf75dc396a0ba16e591a8179002c13e /hosts/darkstar
parent: d71d2bd7112b4085d67c3ca775b7b38185fd4be2 (diff)
download: nix-04a5481eae0379165dcfc4b6ca70ef66d1d33d62.tar
nix-04a5481eae0379165dcfc4b6ca70ef66d1d33d62.tar.gz
nix-04a5481eae0379165dcfc4b6ca70ef66d1d33d62.tar.bz2
nix-04a5481eae0379165dcfc4b6ca70ef66d1d33d62.tar.lz
nix-04a5481eae0379165dcfc4b6ca70ef66d1d33d62.tar.xz
nix-04a5481eae0379165dcfc4b6ca70ef66d1d33d62.tar.zst
nix-04a5481eae0379165dcfc4b6ca70ef66d1d33d62.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/hosts/darkstar/default.nix b/hosts/darkstar/default.nix
index b9b4e39..0e4541d 100644
--- a/hosts/darkstar/default.nix
+++ b/hosts/darkstar/default.nix
@@ -79,6 +79,8 @@
     #};
   };
 
+  services.openssh.openFirewall = true;
+
   sops = {
     age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
     defaultSopsFile = ../secrets/darkstar.yaml;
author	Mark Nipper <nipsy@bitgnome.net>	2024-07-16 09:01:17 -0700
committer	Mark Nipper <nipsy@bitgnome.net>	2024-07-16 09:01:17 -0700
commit	04a5481eae0379165dcfc4b6ca70ef66d1d33d62 (patch)
tree	55960aa30bf75dc396a0ba16e591a8179002c13e /hosts/darkstar
parent	d71d2bd7112b4085d67c3ca775b7b38185fd4be2 (diff)
download	nix-04a5481eae0379165dcfc4b6ca70ef66d1d33d62.tar nix-04a5481eae0379165dcfc4b6ca70ef66d1d33d62.tar.gz nix-04a5481eae0379165dcfc4b6ca70ef66d1d33d62.tar.bz2 nix-04a5481eae0379165dcfc4b6ca70ef66d1d33d62.tar.lz nix-04a5481eae0379165dcfc4b6ca70ef66d1d33d62.tar.xz nix-04a5481eae0379165dcfc4b6ca70ef66d1d33d62.tar.zst nix-04a5481eae0379165dcfc4b6ca70ef66d1d33d62.zip