From d4f3e8ad6f2c180609a051a723d3fe4ae1b3a091 Mon Sep 17 00:00:00 2001
From: 0xTux <0xtux@pm.me>
Date: Fri, 13 Sep 2024 20:09:52 +0530
Subject: [PATCH] update firewall rules

---
 hosts/canopus/default.nix    | 2 +-
 hosts/controller/default.nix | 4 ++++
 modules/nixos/headscale.nix  | 1 -
 3 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/hosts/canopus/default.nix b/hosts/canopus/default.nix
index 4dcac2a..1b282bc 100755
--- a/hosts/canopus/default.nix
+++ b/hosts/canopus/default.nix
@@ -24,7 +24,7 @@
     };
     firewall = {
       enable = true;
-      allowedTCPPorts = [80 443 3000 6666 8081];
+      allowedTCPPorts = [80 443 22 3000 6666 8081];
       allowedTCPPortRanges = [
         {
           from = 1714;
diff --git a/hosts/controller/default.nix b/hosts/controller/default.nix
index 1ac92df..bb118e9 100644
--- a/hosts/controller/default.nix
+++ b/hosts/controller/default.nix
@@ -47,6 +47,10 @@
 
   networking = {
     hostName = "controller";
+    firewall = {
+      enable = true;
+      allowedTCPPorts = [80 443 22];
+    };
   };
 
   security = {
diff --git a/modules/nixos/headscale.nix b/modules/nixos/headscale.nix
index 1d83932..3cf1eab 100644
--- a/modules/nixos/headscale.nix
+++ b/modules/nixos/headscale.nix
@@ -60,6 +60,5 @@
     };
   };
 
-  networking.firewall.allowedTCPPorts = [80 443];
   environment.systemPackages = with pkgs; [headscale];
 }