2 files changed, 18 insertions, 2 deletions

diff --git a/modules/server/networking/default.nix b/modules/server/networking/default.nix
index c71b072..836462a 100644
--- a/modules/server/networking/default.nix
+++ b/modules/server/networking/default.nix
@@ -1,14 +1,23 @@
 {
   imports = [ ./caddy.nix ];
-  services.openssh.enable = true;
+
+  services.openssh = {
+    enable = true;
+    openFirewall = false;
+  };
 
   networking = {
     hostName = "himeji";
     domain = "";
+    nftables.enable = true;
+    allowedUDPPorts = [ 53 ];
 
     firewall.allowedTCPPorts = [
+      70
+      79
       80
       443
+      1965
     ];
   };
 }
diff --git a/modules/server/virtualisation.nix b/modules/server/virtualisation.nix
index 0bda69e..151cd9d 100644
--- a/modules/server/virtualisation.nix
+++ b/modules/server/virtualisation.nix
@@ -5,7 +5,14 @@ in
 {
   virtualisation = {
     containers.enable = true;
-    docker.enable = containerEngine == "docker";
+
+    docker = {
+      enable = containerEngine == "docker";
+
+      daemon.settings = {
+        iptables = false;
+      };
+    };
 
     podman = {
       enable = containerEngine == "podman";