some stuff

hosts/jo/configuration.nix

@@ -42,7 +42,7 @@ in {
     # ../../common/services/autoupgrade.nix
 
     # Home-manager
-    # ../../home/tasia/home.nix
+    ../../home/tasia/home.nix
 
     inputs.agenix.nixosModules.default
     ../../common/components/wifi-secrets.nix
@@ -76,16 +76,33 @@ in {
 
   services.tailscale.enable = true;
   services.syncthing.guiAddress = "0.0.0.0:8384";
+  # TODO ????
   boot.initrd.luks.devices."luks-7aa6742e-020d-49aa-a458-78ea5c3b85f8".keyFile = "/crypto_keyfile.bin";
-  networking.hostName = "jo"; # Define your hostname.
   # networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant.
 
   # Configure network proxy if necessary
   # networking.proxy.default = "http://user:password@proxy:port/";
   # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
 
-  # Enable networking
+  networking = {
-  networking.networkmanager.enable = true;
+    hostName = "jo";
+
+    firewall = {
+      allowedTCPPorts = [
+        22
+        # 8080 # ?
+        # 3001
+        # 443
+        # 8000
+        # 8008 # ssb
+        # 12345 # tildefriends
+        # 13378 # audiobookshelf
+      ];
+      allowedUDPPorts = [
+        # 8080 # ?
+      ];
+    };
+  };
 
   users.users.tasia.openssh.authorizedKeys.keys = [
     sshKeys.tasia.cave