From 37db37e554ddde256cd8bdf0320c641fa7b5f0a0 Mon Sep 17 00:00:00 2001
From: wo2wz <189177184+wo2wz@users.noreply.github.com>
Date: Sat, 9 Aug 2025 12:18:57 -0400
Subject: [PATCH] add ssh to Drone and force firewall to have no open ports
 (also fix nano tabs (i did not know it would do this))

---
 hosts/Drone/default.nix | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/hosts/Drone/default.nix b/hosts/Drone/default.nix
index 8f4eb85..7320d76 100644
--- a/hosts/Drone/default.nix
+++ b/hosts/Drone/default.nix
@@ -4,6 +4,7 @@
   imports = [
     ./hardware-configuration.nix
     
+    ../../common/ssh/server.nix
     ../../common/boot.nix
     ../../common/locales.nix
     ../../common/nix.nix
@@ -25,7 +26,15 @@
     size = 8192;
   }];
 
-  networking.hostName = "${hostName}";
+  networking = {
+    hostName = "${hostName}";
+    firewall = lib.mkForce {
+      allowedTCPPorts = [];
+      allowedTCPPortRanges = [];
+      allowedUDPPorts = [];
+      allowedUDPPortRanges = [];
+    };
+  };
 
   environment.defaultPackages = lib.mkForce [];
   
@@ -121,8 +130,8 @@
     zipline = {
       enable = true;
       settings = {
-	FEATURES_VERSION_CHECKING = "false";
-	FEATURES_THUMBNAILS_NUM_THREADS = 2;
+	      FEATURES_VERSION_CHECKING = "false";
+      	FEATURES_THUMBNAILS_NUM_THREADS = 2;
       };
       environmentFiles = [ "/var/secrets/zipline/secrets.env" ];
     };