From bed08937205e6fdc6f94cedcfdb72cbb508bb2c8 Mon Sep 17 00:00:00 2001 From: albert Date: Wed, 23 Oct 2024 13:19:21 +0200 Subject: [PATCH] Firewall update, add dig and nmap --- nixos/common/desktops/plasma6/default.nix | 1 + nixos/common/packages/default.nix | 2 ++ nixos/hosts/framework-server/firewall.nix | 9 +++++++++ 3 files changed, 12 insertions(+) diff --git a/nixos/common/desktops/plasma6/default.nix b/nixos/common/desktops/plasma6/default.nix index 23796788..599957d2 100644 --- a/nixos/common/desktops/plasma6/default.nix +++ b/nixos/common/desktops/plasma6/default.nix @@ -22,6 +22,7 @@ }; environment.systemPackages = with pkgs; [ + nmapsi4 # Qt nmap GUI arc-kde-theme arc-theme kdePackages.plasma-browser-integration diff --git a/nixos/common/packages/default.nix b/nixos/common/packages/default.nix index f2782667..10670a51 100644 --- a/nixos/common/packages/default.nix +++ b/nixos/common/packages/default.nix @@ -3,6 +3,8 @@ # List packages installed in system profile environment.systemPackages = with pkgs; [ + dig + nmap nfs-utils # nfs network share tools sbctl # Secureboot Control wget # WebGet diff --git a/nixos/hosts/framework-server/firewall.nix b/nixos/hosts/framework-server/firewall.nix index e52003c1..d9491067 100644 --- a/nixos/hosts/framework-server/firewall.nix +++ b/nixos/hosts/framework-server/firewall.nix @@ -3,6 +3,15 @@ firewall = { enable = true; interfaces = { + docker0 = { + allowedTCPPorts = [ + 22 # SSH + 53 # DNS + 80 # HTTP + 443 # HTTPS + 5696 # dsm-kmip server + ]; + }; tailscale0 = { allowedTCPPorts = [ 22 # SSH