From 3f4dbf3d9ca557e22e38a136d5416cf546a5d410 Mon Sep 17 00:00:00 2001
From: Filippo Berto <berto.f@protonmail.com>
Date: Mon, 5 Jun 2023 09:32:26 +0200
Subject: [PATCH] Freya: open firewall for syncthing

---
 freya/configuration.nix | 21 ++++++++++++++++++++-
 1 file changed, 20 insertions(+), 1 deletion(-)

diff --git a/freya/configuration.nix b/freya/configuration.nix
index b92f6be..0c9bb2c 100644
--- a/freya/configuration.nix
+++ b/freya/configuration.nix
@@ -19,7 +19,26 @@
   i18n.defaultLocale = "it_IT.UTF-8";
 
   networking.hostName = "freya";
-  networking.firewall.allowedTCPPorts = [ 80 ];
+  # networking.firewall.allowedTCPPorts = [ 80 ];
+  networking.firewall = {
+    enable = true;
+    allowPing = true;
+    allowedTCPPorts = [
+      # 445 # SAMBA
+      # 139 # SAMBA
+      # 5357 # SAMBA-WSDD
+      # 8123 # HOME ASSISTANT
+      8384 # SYNCTHING
+      # 8385 # SYNCTHING
+    ];
+    allowedUDPPorts = [
+      137 # SYNCTHING
+      138 # SYNCTHING
+      # 3702 # SAMBA-WSDD
+    ];
+    # extraCommands =
+    #   "iptables -t raw -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns";
+  };
 
   programs = {
     dconf.enable = true;