8 lines
222 B
Nix
8 lines
222 B
Nix
{ config, ... }:
|
|
{
|
|
# make sure ssh is only available trough the tinc
|
|
networking.firewall.extraCommands = ''
|
|
iptables -t nat -A PREROUTING ! -i tinc.private -p tcp -m tcp --dport 22 -j REDIRECT --to-ports 0
|
|
'';
|
|
}
|