]> Git — Sourcephile - julm/julm-nix.git/blob - nixos/profiles/networking/nftables.nix
syncoid: import module isntead of patching nixpkgs
[julm/julm-nix.git] / nixos / profiles / networking / nftables.nix
1 { lib, ... }:
2 {
3 # TODO: https://www.team-cymru.org/Services/Bogons/fullbogons-ipv6.txt
4 networking.nftables = {
5 preCheckRuleset = ''
6 sed -i ruleset.conf \
7 -e 's/skuid *[^ ]*/skuid nobody/g' \
8 -e 's/skgid *[^ ]*/skgid nogroup/g'
9 '';
10 ruleset = lib.mkBefore (lib.readFile ./nftables.txt);
11 };
12 }