From d4872894ea6b9905249ae6601667feaca77e4927 Mon Sep 17 00:00:00 2001
From: DarkGuibrine
Date: Mon, 11 May 2026 19:11:02 -0300
Subject: [PATCH] ativar firewall
---
 .../darkgui-vps/config/self-host/firewall.nix | 11 +++++-----
 .../config/self-host/self-host.nix | 20 -------------------
 2 files changed, 6 insertions(+), 25 deletions(-)
diff --git a/hosts/darkgui-vps/config/self-host/firewall.nix b/hosts/darkgui-vps/config/self-host/firewall.nix
index 7088305..d67e7d0 100644
--- a/hosts/darkgui-vps/config/self-host/firewall.nix
+++ b/hosts/darkgui-vps/config/self-host/firewall.nix
@@ -9,16 +9,17 @@
 # Open ports in the firewall.
 networking.firewall = {
- enable = false;
+ enable = true;
 allowedTCPPorts = [
+ 22
 80
+ 81
 443
+ 3000
 5335
 7777
- ];
- allowedTCPPorts = [
- 5335
- 7777
+ 9000
+ 11000
 ];
 trustedInterfaces = [ "tailscale0" "docker0" ];
 allowedUDPPorts = [ config.services.tailscale.port ];
diff --git a/hosts/darkgui-vps/config/self-host/self-host.nix b/hosts/darkgui-vps/config/self-host/self-host.nix
index d297a45..01fb744 100644
--- a/hosts/darkgui-vps/config/self-host/self-host.nix
+++ b/hosts/darkgui-vps/config/self-host/self-host.nix
@@ -16,26 +16,6 @@
 };
 };
- # Open ports in the firewall.
- networking.firewall = {
- enable = false;
- allowedTCPPorts = [
- 80
- 443
- ];
- allowedUDPPortRanges = [
- {
- from = 47998;
- to = 48000;
- }
- {
- from = 48002;
- to = 48010;
- }
- ];
- trustedInterfaces = [ "tailscale0" ];
- allowedUDPPorts = [ config.services.tailscale.port ];
- };
 boot.kernel.sysctl = {
 "net.ipv4.ip_unprivileged_port_start" = 53;
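Review bot: In the firewall.nix hunk, the same change that sets `enable = true;` also opens 22, 81, 3000, 5335, 7777, 9000 and 11000 on every interface, so most of the host's listeners stay reachable from the internet. `tailscale0` is already in `trustedInterfaces`, so anything that is only administered could stay on the tailnet and the public list could shrink to something like `allowedTCPPorts = [ 80 443 ];`. If the full list has to stay, a trailing comment per port naming its service (for example `81 # <service name>`) would make the exposure auditable, since the hunk does not say what listens where. Two things to confirm: Docker normally installs its own iptables rules for published container ports, so with `docker0` trusted some of these entries may be neither necessary nor sufficient to control exposure. Also, the UDP ranges 47998-48000 and 48002-48010 deleted from self-host.nix are not carried over, so whatever used them is now blocked on non-trusted interfaces. The `networking.firewall` attribute set closes outside this hunk.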