From 601c02330c1d7ea094974e874500b7966873739e Mon Sep 17 00:00:00 2001
From: Mark Nipper
Date: Wed, 12 Jun 2024 01:55:31 -0700
Subject: Actually fix the extra nftables rules
---
 hosts/darkstar/default.nix | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/hosts/darkstar/default.nix b/hosts/darkstar/default.nix
index 6bfc153..5208bfd 100644
--- a/hosts/darkstar/default.nix
+++ b/hosts/darkstar/default.nix
@@ -91,7 +91,6 @@
 systemd.services."nftables-extra" = {
 description = "nftables extra firewall rules";
- enable = true;
 script = ''
 ${pkgs.nftables}/bin/nft -f ${config.sops.secrets."nftables/ssh".path}
 '';
@@ -102,12 +101,12 @@
 unitConfig = {
 ConditionPathExists = config.sops.secrets."nftables/ssh".path;
 };
+ wantedBy = [ "multi-user.target" ];
 };
- systemd.paths."nftables-ssh" = {
- enable = true;
+ systemd.paths."nftables-extra" = {
 pathConfig = {
 PathExists = config.sops.secrets."nftables/ssh".path;
- Unit = "nftables-extra.service";
 };
+ wantedBy = [ "multi-user.target" ];
 };
 }
-- 
cgit v1.2.3
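Review bot: In the second hunk the service gains `wantedBy = [ "multi-user.target" ];` but nothing visible orders it relative to the base firewall, so `nft -f` on the sops-managed file may run before `nftables.service` has loaded its ruleset; if that ruleset begins with a flush, the extra SSH rules would be dropped again at boot and on every later firewall reload. Adding `after = [ "nftables.service" ];` to `systemd.services."nftables-extra"` would cover the boot case, assuming the base rules come from `networking.nftables`. The `serviceConfig` lines between the two hunks are not shown, so it is worth confirming they set `RemainAfterExit = true;`, because a `PathExists=` path unit starts its service again whenever the service is inactive and the file still exists. Separately, `ConditionPathExists` turns a missing or undecrypted secret into a silent skip rather than a failed unit, so a comment such as `# skipped, not failed, when the secret is absent: host then runs without these rules` above `unitConfig` would make that fail-open behaviour explicit.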