hm: fix stateVersion

[julm/julm-nix.git] / nixos / profiles / networking.nix

diff --git a/nixos/profiles/networking.nix b/nixos/profiles/networking.nix
index 6ae4a1d56c03858b4968ed04eca7d9ba13c324f2..35d0871ff6ebe4a7e7da2b52adc445e0c93473f8 100644 (file)
--- a/nixos/profiles/networking.nix
+++ b/nixos/profiles/networking.nix
@@ -6,7 +6,7 @@ in
 networking = {
   hostName = hostName;
   domain = lib.mkDefault "localdomain";
-  search = [ "sourcephile.fr" ];
+  #search = [ "sourcephile.fr" ];
   firewall = {
     enable = lib.mkDefault true;
     allowPing = lib.mkDefault true;
@@ -14,6 +14,7 @@ networking = {
 };
 
 programs.mtr.enable = true;
+programs.usbtop.enable = true;
 
 services.avahi = {
   enable = lib.mkDefault true;
@@ -23,10 +24,15 @@ services.avahi = {
 };
 
 services.openssh = {
+  enable = lib.mkDefault true;
   forwardX11 = lib.mkDefault true;
-  openFirewall = true;
+  openFirewall = lib.mkDefault false;
   listenAddresses = [
     { addr = wg-intra-peers.${hostName}.ipv4; port = 22; }
   ];
 };
+networking.firewall.extraCommands = lib.mkIf config.services.openssh.enable ''
+  ip46tables -A nixos-fw -i wg-intra -p tcp -m tcp --dport 22 -j ACCEPT
+'';
+systemd.services.sshd.after = ["wireguard-wg-intra.service"];
 }