diff --git a/nixos/common.nix b/nixos/common.nix
index 4ff3435..9992a33 100644
--- a/nixos/common.nix
+++ b/nixos/common.nix
@@ -92,13 +92,7 @@ in
   networking = {
     networkmanager.enable = true;
 
-    firewall = {
-      enable = true;
-
-      allowedTCPPorts = [
-        22
-      ];
-    };
+    firewall.enable = true;
   };
 
   virtualisation.podman.enable = true;
diff --git a/nixos/openssh.nix b/nixos/openssh.nix
index 2506c35..4ec1497 100644
--- a/nixos/openssh.nix
+++ b/nixos/openssh.nix
@@ -10,4 +10,6 @@
       PermitRootLogin = "no";
     };
   };
+
+  networking.firewall.allowedTCPPorts = [ 22 ];
 }