From b480c941885c6d5fa5eddc6b8687c7e14e850615 Mon Sep 17 00:00:00 2001 From: oqyude Date: Wed, 23 Jul 2025 20:03:47 +0300 Subject: [PATCH] 123 --- devices/hardware/vds.nix | 5 ++++- devices/vds.nix | 11 ++++++++--- 2 files changed, 12 insertions(+), 4 deletions(-) mode change 100755 => 100644 devices/vds.nix diff --git a/devices/hardware/vds.nix b/devices/hardware/vds.nix index e303ba9..ba4f5ac 100755 --- a/devices/hardware/vds.nix +++ b/devices/hardware/vds.nix @@ -40,7 +40,10 @@ "/boot" = { device = lib.mkForce "/dev/disk/by-partlabel/disk-main-ESP"; fsType = "vfat"; - options = [ "fmask=0022" "dmask=0022" ]; + options = [ + "fmask=0022" + "dmask=0022" + ]; }; }; diff --git a/devices/vds.nix b/devices/vds.nix old mode 100755 new mode 100644 index b096f09..3a8f68f --- a/devices/vds.nix +++ b/devices/vds.nix @@ -39,7 +39,7 @@ let # efiInstallAsRemovable = true; # }; boot = { - #kernelPackages = pkgs.linuxPackages_xanmod_stable; + kernelPackages = pkgs.linuxPackages_xanmod_stable; hardwareScan = true; loader = { grub = { @@ -81,6 +81,7 @@ let }; samba = { enable = true; + openFirewall = true; settings = { global = { "invalid users" = [ ]; @@ -116,6 +117,7 @@ let openssh = { enable = true; allowSFTP = true; + openFirewall = true; hostKeys = [ { path = "/etc/ssh/id_ed25519"; @@ -128,13 +130,16 @@ let UsePAM = true; }; }; - tailscale.enable = true; + tailscale = { + enable = true; + openFirewall = true; + }; }; networking = { hostName = "${inputs.zeroq.devices.vds.hostname}"; networkmanager.enable = true; - firewall.enable = false; + firewall.enable = true; }; system = {