modules/networking/firewall.nix


1
2
3
4
5
6
7
8
9
10
11
12
13

{
  networking.firewall = {
    enable = true;
    allowedUDPPorts = [ 53 ];
    allowPing = false;
    trustedInterfaces = [ "tailscale0" ];

    allowedTCPPorts = [
      80
      443
    ];
  };
}