From dd1aff58525830178ff20ffbeb0706b7f45c88cd Mon Sep 17 00:00:00 2001
From: Austin Horstman <khaneliman12@gmail.com>
Date: Wed, 11 Oct 2023 13:10:06 -0500
Subject: [PATCH] feat: darwin networking disable stealth

---
 modules/darwin/suites/networking/default.nix |  8 +++++++-
 modules/darwin/system/interface/default.nix  |  8 --------
 modules/darwin/system/networking/default.nix | 10 ++++++++++
 3 files changed, 17 insertions(+), 9 deletions(-)

diff --git a/modules/darwin/suites/networking/default.nix b/modules/darwin/suites/networking/default.nix
index 3aa6ef878..91c59df1e 100644
--- a/modules/darwin/suites/networking/default.nix
+++ b/modules/darwin/suites/networking/default.nix
@@ -6,7 +6,7 @@
 }:
 let
   inherit (lib) mkIf;
-  inherit (lib.internal) mkBoolOpt;
+  inherit (lib.internal) mkBoolOpt enabled;
 
   cfg = config.khanelinix.suites.networking;
 in
@@ -17,6 +17,12 @@ in
   };
 
   config = mkIf cfg.enable {
+    khanelinix = {
+      system = {
+        networking = enabled;
+      };
+    };
+
     environment.systemPackages = with pkgs; [
       # ifstat-legacy
       nmap
diff --git a/modules/darwin/system/interface/default.nix b/modules/darwin/system/interface/default.nix
index a0abdce09..ffb48a0d8 100644
--- a/modules/darwin/system/interface/default.nix
+++ b/modules/darwin/system/interface/default.nix
@@ -55,14 +55,6 @@ in
         _FXShowPosixPathInTitle = true;
       };
 
-      # firewall settings
-      alf = {
-        # 0 = disabled 1 = enabled 2 = blocks all connections except for essential services
-        globalstate = 1;
-        loggingenabled = 0;
-        stealthenabled = 1;
-      };
-
       # dock settings
       dock = {
         # auto show and hide dock
diff --git a/modules/darwin/system/networking/default.nix b/modules/darwin/system/networking/default.nix
index e230f7bcd..c3a80f76d 100644
--- a/modules/darwin/system/networking/default.nix
+++ b/modules/darwin/system/networking/default.nix
@@ -18,5 +18,15 @@ in
     networking = {
       dns = [ "1.1.1.1" "8.8.8.8" ];
     };
+
+    system.defaults = {
+      # firewall settings
+      alf = {
+        # 0 = disabled 1 = enabled 2 = blocks all connections except for essential services
+        globalstate = 1;
+        loggingenabled = 0;
+        stealthenabled = 0;
+      };
+    };
   };
 }