initial commit

2026-04-01 08:50:01 +03:00 · 2026-04-01 08:50:01 +03:00 · 30ce0dafc2
commit 30ce0dafc2
195 changed files with 8902 additions and 0 deletions
--- a/services/prosody/firewall.nix
+++ b/services/prosody/firewall.nix
@ -0,0 +1,38 @@
+{
+  config,
+  lib,
+  ...
+}:
+let
+  inherit (config.machine.prosody)
+    enable
+    ;
+in
+with lib; mkIf enable {
+  networking.firewall = {
+    allowedTCPPorts = [
+      # HTTP filer
+      80
+      443
+
+      # C2S
+      5222
+      5223
+
+      # S2S
+      5269
+      5270
+
+      # WebSockets / BOSH
+      5280
+      5281
+    ]
+    ++ concatLists (
+      with config.services.prosody;
+      [
+        httpPorts
+        httpsPorts
+      ]
+    );
+  };
+}