From dd37a55211fe386e9368600c4f1f69dd29b79a9f Mon Sep 17 00:00:00 2001
From: Daylin Morgan <daylinmorgan@gmail.com>
Date: Wed, 3 May 2023 22:38:07 -0500
Subject: [PATCH] add networking rules

---
 hosts/algiz/configuration.nix | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/hosts/algiz/configuration.nix b/hosts/algiz/configuration.nix
index e16f9fe..33d2433 100644
--- a/hosts/algiz/configuration.nix
+++ b/hosts/algiz/configuration.nix
@@ -6,6 +6,7 @@
   ];
   security.sudo.wheelNeedsPassword = false;
   users.defaultUserShell = pkgs.zsh;
+
   users.extraUsers = {
     daylin = {
       isNormalUser = true;
@@ -36,7 +37,7 @@
   networking.hostName = "algiz";
   time.timeZone = "America/Chicago";
   programs.zsh.enable = true;
-  virtualisation.docker.enable = true;
+   virtualisation.docker.enable = true;
 
   programs.nix-ld.enable = true;
   programs.nix-ld.libraries = with pkgs; [
@@ -96,11 +97,14 @@
     enableSSHSupport = true;
   };
 
-  # List services that you want to enable:
+  # allow tcp connections for git.dayl.in (gitea)
+  networking.firewall = {
+    enable = true;
+    allowedTCPPorts = [ 80 443 ];
+  };
 
   # Enable the OpenSSH daemon.
   services.openssh.enable = true;
-  services.openssh.permitRootLogin = "no";
   users.mutableUsers = false;
 
   # This value determines the NixOS release from which the default