Fix firewall and add back leash while I figure out why disko is failing

2024-11-06 22:39:23 -05:00 · 2024-11-06 22:39:23 -05:00 · 9299782075
commit 9299782075
parent 89e2715162
11 changed files with 203 additions and 8 deletions
--- a/modules/home/programs/terminal/ranger/default.nix
+++ b/modules/home/programs/terminal/ranger/default.nix
@ -105,7 +105,8 @@
      ".local/share/ranger/bookmarks".text = ''
        # Local files
        h:/home/jimbo/
-        k:/home/jimbo/Downloads
+        k:/home/jimbo/Keepers
+        j:/home/jimbo/Downloads
        v:/home/jimbo/Videos
        c:/home/jimbo/.config
        l:/home/jimbo/.local
--- a/modules/home/settings/gtk/default.nix
+++ b/modules/home/settings/gtk/default.nix
@ -32,6 +32,7 @@

    gtk3 = {
      bookmarks = [
+        "file:///home/jimbo/Keepers"
        "file:///home/jimbo/Downloads"
        "file:///home/jimbo/Documents"
        "file:///home/jimbo/Videos"
--- a/modules/system/devices/disks/impermanence/jimbo/default.nix
+++ b/modules/system/devices/disks/impermanence/jimbo/default.nix
@ -4,7 +4,7 @@
    hideMounts = true;
    users.jimbo = {
      directories = [
-        "Downloads"
+        "Keepers"
        "Documents"
        "Pictures"
        "Videos"
--- a/modules/system/devices/networking/firewall/default.nix
+++ b/modules/system/devices/networking/firewall/default.nix
@ -14,11 +14,14 @@
    networking = {
      firewall = {
        allowPing = false;
-        extraInputRules = lib.mkIf (!config.system.firewall.server.enable) ''
-          ip saddr { ${config.ips.server}, ${config.ips.wgSpan}.1 } accept comment "Accept Server"
-        '' // lib.mkIf config.system.firewall.server.enable ''
-          ip saddr { ${config.ips.localSpan}.0/24, ${config.ips.wgSpan}.0/24 } tcp dport 2049 accept comment "Accept NFS"
-          ip saddr { ${config.ips.pc}, ${config.secrets.lunaIP}, ${config.secrets.cornIP} } tcp dport { 1935, 1945 } accept comment "Accept RTMP"
+        extraInputRules = ''
+          ${lib.optionalString (!config.system.firewall.server.enable) ''
+            ip saddr { ${config.ips.server}, ${config.ips.wgSpan}.1 } accept comment "Accept Server"
+          ''}
+          ${lib.optionalString config.system.firewall.server.enable ''
+            ip saddr { ${config.ips.localSpan}.0/24, ${config.ips.wgSpan}.0/24 } tcp dport 2049 accept comment "Accept NFS"
+            ip saddr { ${config.ips.pc}, ${config.secrets.lunaIP}, ${config.secrets.cornIP} } tcp dport { 1935, 1945 } accept comment "Accept RTMP"
+          ''}
        '';
      };