Add firewall and kanata configuration

Signed-off-by: George Kaklamanos <gkaklas@gkaklas.gr>
2024-04-28 22:16:36 +03:00 · 2024-04-28 22:16:36 +03:00 · e0e32ffc84
commit e0e32ffc84
parent 22548339a9
3 changed files with 123 additions and 0 deletions
--- a/nixos/firewall.nix
+++ b/nixos/firewall.nix
@ -0,0 +1,40 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}: {
+  networking.firewall = {
+    enable = true;
+    # https://docs.syncthing.net/users/firewall.html
+    allowedTCPPorts = [
+      # Syncthing
+      8384
+      22000
+    ];
+    allowedUDPPorts = [
+      # Syncthing
+      22000
+      21027
+    ];
+    allowedTCPPortRanges = [
+      # KDE Connect
+      {
+        from = 1714;
+        to = 1764;
+      }
+    ];
+    allowedUDPPortRanges = [
+      # KDE Connect
+      {
+        from = 1714;
+        to = 1764;
+      }
+      # Mosh
+      {
+        from = 60000;
+        to = 61000;
+      }
+    ];
+  };
+}