From b5a256472cc39131285e253bdb39c8ce4d402d84 Mon Sep 17 00:00:00 2001
From: Florian Schmitt <mrflos@gmail.com>
Date: Fri, 27 Dec 2024 10:09:03 +0300
Subject: [PATCH] feat(sanji): use firewall and open ports

---
 config/sanji/configuration.nix | 22 +++++++++++++++-------
 1 file changed, 15 insertions(+), 7 deletions(-)

diff --git a/config/sanji/configuration.nix b/config/sanji/configuration.nix
index 3b187a3..7b86bef 100644
--- a/config/sanji/configuration.nix
+++ b/config/sanji/configuration.nix
@@ -51,13 +51,21 @@
 
   networking = {
     hostName = "sanji";
-    firewall.enable = false;
-    firewall.allowedUDPPortRanges = [
-      {
-        from = 60000;
-        to = 61000;
-      }
-    ];
+    firewall = {
+      enable = true;
+      allowedTCPPorts = [
+        80
+        4222
+        443
+        8081
+      ];
+      allowedUDPPortRanges = [
+        {
+          from = 60000;
+          to = 61000;
+        }
+      ];
+    };
     nat = {
       enable = true;
       internalIPs = [ "10.10.5.0/24" ];