From 5db75d337f017df99fbbd56c208d7a1a220dc622 Mon Sep 17 00:00:00 2001
From: "Gustavo L de Mello (Guz)"
Date: Fri, 4 Apr 2025 20:15:09 -0300
Subject: [PATCH] feat: move cloudflare tunnel config to network.nix
---
 capytal/cloudflare.nix | 21 ---------------------
 capytal/default.nix | 3 ++-
 capytal/network.nix | 22 ++++++++++++++++++++++
 3 files changed, 24 insertions(+), 22 deletions(-)
 delete mode 100644 capytal/cloudflare.nix
diff --git a/capytal/cloudflare.nix b/capytal/cloudflare.nix
deleted file mode 100644
index e9640d6..0000000
--- a/capytal/cloudflare.nix
+++ /dev/null
@@ -1,21 +0,0 @@
-{config, ...}: let
- secrets = config.spacestation-secrets.lesser;
-in {
- imports = [];
-
- virtualisation.oci-containers.containers.cloudflare-funnel = {
- image = "cloudflare/cloudflared:latest";
- autoStart = true;
- extraOptions = [
- "--network=host"
- ];
- cmd = [
- "tunnel"
- "--no-autoupdate"
- "run"
- "--token"
- secrets.capytal.cloudflare-funnel
- ];
- environment = {};
- };
-}
diff --git a/capytal/default.nix b/capytal/default.nix
index ebc6d67..30a3a3a 100644
--- a/capytal/default.nix
+++ b/capytal/default.nix
@@ -1,8 +1,9 @@ {inputs, ...}: { imports = [ - ./caddy.nix ./cloudflare.nix + ./network.nix ./websites.nix + ./forgejo ./garage.nix ./sqld.nix
diff --git a/capytal/network.nix b/capytal/network.nix
index 8adab92..c73011e 100644
--- a/capytal/network.nix
+++ b/capytal/network.nix
@@ -17,4 +17,26 @@
 '';
 };
 };
+ virtualisation.oci-containers.containers.cloudflare-funnel = let
+ secrets = config.spacestation-secrets.lesser;
+ in {
+ image = "cloudflare/cloudflared:latest";
+ autoStart = true;
+ extraOptions = [
+ "--network=host"
+ ];
+ cmd = [
+ "tunnel"
+ "--no-autoupdate"
+ "run"
+ "--token"
+ secrets.capytal.cloudflare-funnel
+ ];
+ environment = {};
+ };
+
+ networking.firewall.allowedTCPPorts = [
+ 80
+ 433
+ ];
 }
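Review bot: In the capytal/default.nix hunk the import list appears to keep `./cloudflare.nix` as a context line, yet this same commit deletes capytal/cloudflare.nix, so evaluation would fail on a missing path if that line really survives. The single removed line looks to be `./caddy.nix`, which the commit message does not mention; if the intent was to drop the Cloudflare import, the removal should read `./cloudflare.nix`, with `./caddy.nix` kept unless the Caddy setup has already moved elsewhere. The hunk is whitespace-collapsed on this page, so this reading should be confirmed against the repository.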
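Review bot: In the capytal/network.nix hunk the new `networking.firewall.allowedTCPPorts` list opens `433`, which looks like a typo for `443`; as written HTTPS stays closed and an unrelated port is opened. The firewall change is not covered by the commit message, and since a cloudflared tunnel only needs outbound connections, a comment should say why the origin is exposed directly on these ports. Separately, `"--token" secrets.capytal.cloudflare-funnel` places the tunnel token in the container's argument list, and if the secret is a plain Nix string it also lands in the world-readable store; passing it as `TUNNEL_TOKEN` via `environmentFiles = [ <path-to-env-file> ];` avoids both. Pinning `cloudflare/cloudflared:latest` to a fixed tag or digest would also make the deployment reproducible, because `--no-autoupdate` does not stop a fresh pull from changing the binary.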