30 lines
716 B
Nix
30 lines
716 B
Nix
{...}: {
|
|
networking = {
|
|
nameservers = [ "9.9.9.9#dns.quad9.net" "1.1.1.1#one.one.one.one" ];
|
|
|
|
firewall = {
|
|
enable = true;
|
|
# ssh: 22 TCP
|
|
# cups: 631 TCP
|
|
# syncthing:
|
|
# 22000 TCP and/or UDP for sync traffic
|
|
# 21027/UDP for discovery
|
|
allowedTCPPorts = [ 22 22000 631 ];
|
|
allowedUDPPorts = [ 22000 21027 ];
|
|
};
|
|
};
|
|
|
|
services.nordvpn = {
|
|
enable = true;
|
|
users = [ "user" ];
|
|
};
|
|
|
|
# services.resolved = {
|
|
# enable = true;
|
|
# dnssec = "true";
|
|
# domains = ["~."];
|
|
# fallbackDns = [ "9.9.9.9#dns.quad9.net" "149.112.112.112#dns.quad9.net" "1.1.1.1#one.one.one.one" "1.0.0.1#one.one.one.one" ];
|
|
# dnsovertls = "true";
|
|
# };
|
|
}
|