From 84307f11603391aa872c79932b7dd96c87dc6b88 Mon Sep 17 00:00:00 2001
From: Alexander Szczepanski <alexander@szczepan.ski>
Date: Fri, 18 Jun 2021 20:49:04 +0200
Subject: [PATCH] chagend firewall settings

---
 machine/vps/configuration.nix | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/machine/vps/configuration.nix b/machine/vps/configuration.nix
index a98402a..fe69dc6 100644
--- a/machine/vps/configuration.nix
+++ b/machine/vps/configuration.nix
@@ -79,6 +79,7 @@
     enable = true;
     permitRootLogin = "no";
     passwordAuthentication = false;
+    openFirewall = true;
   };
 
   security.acme.email = "webmaster@szczepan.ski";
@@ -156,8 +157,8 @@
   systemd.services.fail2ban.serviceConfig.LimitSTACK = 256 * 1024;
 
   # Open ports in the firewall.
-  networking.firewall.allowedTCPPorts = [ 22 80 443 ];
-  networking.firewall.allowedUDPPorts = [ 22 80 443 ];
+  networking.firewall.allowedTCPPorts = [ 80 443 ];
+  networking.firewall.allowedUDPPorts = [ 80 443 ];
   # Or disable the firewall altogether.
   # networking.firewall.enable = false;