Move more things into their 'correct' place

2024-09-04 20:22:13 -04:00 · 2024-09-04 20:22:13 -04:00 · b69c9dbbbf
commit b69c9dbbbf
parent ce31f4355e
9 changed files with 109 additions and 58 deletions
--- a/nixos/server/firewall.nix
+++ b/nixos/server/firewall.nix
@ -8,27 +8,13 @@
  in {
    firewall = {
      allowPing = false;
-      allowedTCPPorts = [
-        80 443 # Nginx
-        25565 19132 5657 # Pufferpanel
-        2299 # Gitea SSH
-        3478 5349 # Coturn
-      ];
      allowedTCPPortRanges = [
        { from = 8100; to = 8150; } # Azuracast
      ];
-      allowedUDPPorts = [
-        25565 19132 # Minecraft Voicechat and Bedrock
-        3478 5349 # Coturn UDP
-      ];
-      allowedUDPPortRanges = [
-        { from = 49000; to = 50000; } # Coturn range
-      ];
  
      # Add extra input rules using nftables
      extraInputRules = ''
        ip saddr ${ips.localSpan}.0/24 tcp dport 2049 accept comment "Accept NFS"
-        ip saddr ${ips.localSpan}.0/24 udp dport 53 accept comment "Accept DNS"
        ip saddr { ${ips.pc}, ${outputs.secrets.lunaIP}, ${outputs.secrets.cornIP}, ${outputs.secrets.vertIP} } tcp dport { 1935, 1945 } accept comment "Accept RTMP"
      '';
    };