feat: darwin networking disable stealth

khaneliman · Oct 11, 2023 · dd1aff5 · dd1aff5
1 parent 1f57175
commit dd1aff5
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 9 deletions.
diff --git a/modules/darwin/suites/networking/default.nix b/modules/darwin/suites/networking/default.nix
@@ -6,7 +6,7 @@
 }:
 let
   inherit (lib) mkIf;
-  inherit (lib.internal) mkBoolOpt;
+  inherit (lib.internal) mkBoolOpt enabled;
 
   cfg = config.khanelinix.suites.networking;
 in
@@ -17,6 +17,12 @@ in
   };
 
   config = mkIf cfg.enable {
+    khanelinix = {
+      system = {
+        networking = enabled;
+      };
+    };
+
     environment.systemPackages = with pkgs; [
       # ifstat-legacy
       nmap

diff --git a/modules/darwin/system/interface/default.nix b/modules/darwin/system/interface/default.nix
@@ -55,14 +55,6 @@ in
         _FXShowPosixPathInTitle = true;
       };
 
-      # firewall settings
-      alf = {
-        # 0 = disabled 1 = enabled 2 = blocks all connections except for essential services
-        globalstate = 1;
-        loggingenabled = 0;
-        stealthenabled = 1;
-      };
-
       # dock settings
       dock = {
         # auto show and hide dock

diff --git a/modules/darwin/system/networking/default.nix b/modules/darwin/system/networking/default.nix
@@ -18,5 +18,15 @@ in
     networking = {
       dns = [ "1.1.1.1" "8.8.8.8" ];
     };
+
+    system.defaults = {
+      # firewall settings
+      alf = {
+        # 0 = disabled 1 = enabled 2 = blocks all connections except for essential services
+        globalstate = 1;
+        loggingenabled = 0;
+        stealthenabled = 0;
+      };
+    };
   };
 }