From 05f0a5ab1cdf38219beba4f80e0734bc32e00e42 Mon Sep 17 00:00:00 2001
From: Tasia Iso <tasiaiso@proton.me>
Date: Sun, 2 Feb 2025 22:06:12 +0100
Subject: [PATCH] some stuff

---
 hosts/jo/configuration.nix | 25 +++++++++++++++++++++----
 1 file changed, 21 insertions(+), 4 deletions(-)

diff --git a/hosts/jo/configuration.nix b/hosts/jo/configuration.nix
index 4484ab2..ce3525b 100644
--- a/hosts/jo/configuration.nix
+++ b/hosts/jo/configuration.nix
@@ -42,7 +42,7 @@ in {
     # ../../common/services/autoupgrade.nix
 
     # Home-manager
-    # ../../home/tasia/home.nix
+    ../../home/tasia/home.nix
 
     inputs.agenix.nixosModules.default
     ../../common/components/wifi-secrets.nix
@@ -76,16 +76,33 @@ in {
 
   services.tailscale.enable = true;
   services.syncthing.guiAddress = "0.0.0.0:8384";
+  # TODO ????
   boot.initrd.luks.devices."luks-7aa6742e-020d-49aa-a458-78ea5c3b85f8".keyFile = "/crypto_keyfile.bin";
-  networking.hostName = "jo"; # Define your hostname.
   # networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant.
 
   # Configure network proxy if necessary
   # networking.proxy.default = "http://user:password@proxy:port/";
   # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
 
-  # Enable networking
-  networking.networkmanager.enable = true;
+  networking = {
+    hostName = "jo";
+
+    firewall = {
+      allowedTCPPorts = [
+        22
+        # 8080 # ?
+        # 3001
+        # 443
+        # 8000
+        # 8008 # ssb
+        # 12345 # tildefriends
+        # 13378 # audiobookshelf
+      ];
+      allowedUDPPorts = [
+        # 8080 # ?
+      ];
+    };
+  };
 
   users.users.tasia.openssh.authorizedKeys.keys = [
     sshKeys.tasia.cave