prefect: cleanup networking config

author: Alan Pearce 2024-06-03 16:47:42 +0200
committer: Alan Pearce 2024-06-03 16:47:52 +0200
commit: 7d1ce5817edf16ac0f7caabf4261c49ae883025c (patch)
tree: 6c44382335b9583808821f2638f79f44c18603db /system
parent: f5a6699de087225feec13f3de66c02f4986e99c0 (diff)
download: nixfiles-7d1ce5817edf16ac0f7caabf4261c49ae883025c.tar.lz
nixfiles-7d1ce5817edf16ac0f7caabf4261c49ae883025c.tar.zst
nixfiles-7d1ce5817edf16ac0f7caabf4261c49ae883025c.zip
1 files changed, 10 insertions, 14 deletions
diff --git a/system/prefect.nix b/system/prefect.nix
index e60f22de..1ee93fc1 100644
--- a/system/prefect.nix
+++ b/system/prefect.nix
@@ -103,7 +103,6 @@
   };
 
   systemd.network = {
-    enable = true;
     networks."40-enp7s0" = {
       dhcpV4Config = {
         UseDomains = true;
@@ -120,6 +119,7 @@
     };
   };
   networking = {
+    hostName = "prefect";
     useDHCP = false;
     useNetworkd = true;
     interfaces.enp7s0 = {
@@ -128,20 +128,16 @@
     hosts = {
       "fd7a:115c:a1e0::53" = [ "tailscale" "ts" ];
     };
-  };
-  networking.nftables = {
-    enable = true;
-  };
-  networking.firewall = {
-    allowedTCPPorts = [ 80 443 139 445 1024 ];
-    extraInputRules = ''
-      ip saddr 10.0.0.0/8 accept
-      ip6 saddr { fd00::/8, fe80::/10 } accept
-    '';
-  };
 
-  networking = {
-    hostName = "prefect";
+    nftables = {
+      enable = true;
+    };
+    firewall = {
+      extraInputRules = ''
+        ip saddr 10.0.0.0/8 accept
+        ip6 saddr { fd00::/8, fe80::/10 } accept
+      '';
+    };
   };
 
   services.resolved = {
author	Alan Pearce	2024-06-03 16:47:42 +0200
committer	Alan Pearce	2024-06-03 16:47:52 +0200
commit	7d1ce5817edf16ac0f7caabf4261c49ae883025c (patch)
tree	6c44382335b9583808821f2638f79f44c18603db /system
parent	f5a6699de087225feec13f3de66c02f4986e99c0 (diff)
download	nixfiles-7d1ce5817edf16ac0f7caabf4261c49ae883025c.tar.lz nixfiles-7d1ce5817edf16ac0f7caabf4261c49ae883025c.tar.zst nixfiles-7d1ce5817edf16ac0f7caabf4261c49ae883025c.zip