From 0b9f76dcb4421c448dc53343ea218324db8cf6b2 Mon Sep 17 00:00:00 2001
From: ErrorNoInternet <errornointernet@envs.net>
Date: Sun, 3 May 2026 11:17:19 -0400
Subject: [PATCH] nixos: separate openssh firewall port

---
 nixos/common.nix  | 8 +-------
 nixos/openssh.nix | 2 ++
 2 files changed, 3 insertions(+), 7 deletions(-)

diff --git a/nixos/common.nix b/nixos/common.nix
index 4ff3435..9992a33 100644
--- a/nixos/common.nix
+++ b/nixos/common.nix
@@ -92,13 +92,7 @@ in
   networking = {
     networkmanager.enable = true;
 
-    firewall = {
-      enable = true;
-
-      allowedTCPPorts = [
-        22
-      ];
-    };
+    firewall.enable = true;
   };
 
   virtualisation.podman.enable = true;
diff --git a/nixos/openssh.nix b/nixos/openssh.nix
index 2506c35..4ec1497 100644
--- a/nixos/openssh.nix
+++ b/nixos/openssh.nix
@@ -10,4 +10,6 @@
       PermitRootLogin = "no";
     };
   };
+
+  networking.firewall.allowedTCPPorts = [ 22 ];
 }