From 71518094fe8e7c9b89a328e3df630d120dc7418b Mon Sep 17 00:00:00 2001
From: TheWanderingCrow <contact@wanderingcrow.net>
Date: Thu, 7 Aug 2025 11:34:11 -0400
Subject: [PATCH] nebula

---
 hosts/common/core/nebula.nix | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/hosts/common/core/nebula.nix b/hosts/common/core/nebula.nix
index 3ba47b8..21f1c70 100644
--- a/hosts/common/core/nebula.nix
+++ b/hosts/common/core/nebula.nix
@@ -14,8 +14,18 @@ in {
   sops.secrets."keys/nebula" = lib.mkIf (builtins.hasAttr "${config.hostSpec.hostName}" s.hosts) {};
   services.nebula.networks.wce = lib.mkIf (builtins.hasAttr "${config.hostSpec.hostName}" s.hosts) {
     inherit (s) ca lighthouses staticHostMap;
-    inherit (s.hosts.${config.hostSpec.hostName}) cert isLighthouse firewall;
+    inherit (s.hosts.${config.hostSpec.hostName}) cert isLighthouse;
     key = config.sops.secrets."keys/nebula".path;
     enable = true;
+    firewall.outbound = {
+      host = lib.mkDefault "any";
+      port = lib.mkDefault "any";
+      proto = lib.mkDefault "any";
+    };
+    firewall.inbound = {
+      host = lib.mkDefault "any";
+      port = lib.mkDefault "any";
+      proto = lib.mkDefault "any";
+    };
   };
 }