diff --git a/modules/system/services/server/fileserver/nfs/default.nix b/modules/system/services/server/fileserver/nfs/default.nix
index fb39ff17..3fe79139 100644
--- a/modules/system/services/server/fileserver/nfs/default.nix
+++ b/modules/system/services/server/fileserver/nfs/default.nix
@@ -11,14 +11,6 @@
         /storage/Music *(rw,sync,no_subtree_check)
       '';
     };
-    networking.nftables.tables.nfs = {
-      family = "inet";
-      content = ''
-        chain input {
-	  type filter hook input priority filter; policy drop;
-          ip saddr 10.0.0.0/8 tcp dport 2049 accept comment "Accept NFS"
-        }
-      '';
-    };
+    networking.firewall.extraInputRules = "ip saddr 10.0.0.0/8 tcp dport 2049 accept";
   };
 }
diff --git a/modules/system/services/server/nginx/rtmp/default.nix b/modules/system/services/server/nginx/rtmp/default.nix
index 2618d9d2..2bb7d7fb 100644
--- a/modules/system/services/server/nginx/rtmp/default.nix
+++ b/modules/system/services/server/nginx/rtmp/default.nix
@@ -25,15 +25,7 @@
         }
       '';
     };
-    networking.nftables.tables.rtmp = {
-      family = "inet";
-      content = ''
-        chain input {
-	  type filter hook input priority 0; policy drop;
-          ip saddr { 10.0.0.0/8, ${config.secrets.ips.luna}, ${config.secrets.ips.corn} } tcp dport 1935 accept comment "Accept RTMP"
-        }
-      '';
-    };
+    networking.firewall.extraInputRules = "ip saddr { 10.0.0.0/8, ${config.secrets.ips.luna}, ${config.secrets.ips.corn} } tcp dport 1935 accept";
     systemd.services.nginx.serviceConfig.ReadWritePaths = [ "/var/www/landing-page/streams/hls/" ];
   };
 }
diff --git a/modules/system/services/server/owncast/default.nix b/modules/system/services/server/owncast/default.nix
index 0ce2d750..35b630b4 100644
--- a/modules/system/services/server/owncast/default.nix
+++ b/modules/system/services/server/owncast/default.nix
@@ -7,15 +7,7 @@
       port = 8060;
       rtmp-port = 1945;
     };
-    networking.nftables.tables.owncast = {
-      family = "inet";
-      content = ''
-        chain input {
-	  type filter hook input priority filter; policy drop;
-          ip saddr 10.0.0.0/8 tcp dport 1945 accept comment "Accept RTMP"
-        }
-      '';
-    };
+    networking.firewall.extraInputRules = "ip saddr 10.0.0.0/8 tcp dport 1945 accept";
     environment.persistence."/persist".directories = [ "/var/lib/owncast" ];
   };
 }