From 480334e081a830095d3838d7d3a2d3987f2d7e13 Mon Sep 17 00:00:00 2001
From: Jermeiah S <owner@arouzing.xyz>
Date: Sat, 14 Jun 2025 21:39:28 -0400
Subject: [PATCH] remove firewall improve otf

---
 configurations/nixos/tofu/default.nix | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/configurations/nixos/tofu/default.nix b/configurations/nixos/tofu/default.nix
index 28a5cdc..c9b06d4 100644
--- a/configurations/nixos/tofu/default.nix
+++ b/configurations/nixos/tofu/default.nix
@@ -20,10 +20,19 @@ in
     tty-ips.enable = true;
     otf = {
       enable = true;
+      environment = {
+        # OTF_KEY_FILE=/fixtures/key.pem
+        # SSL_CERT_FILE=/fixtures/cert.pem
+        # OTF_LOG_HTTP_REQUESTS = "true";
+        OTF_ADDRESS = "0.0.0.0:9000";
+        OTF_HOSTNAME = "tofu.skdevstudios.com";
+        OTF_DEFAULT_ENGINE = "tofu";
+      };
       environmentFile = config.sops.secrets.otfenv.path;
     };
   };
   networking = {
+    firewall.enable = false;
     yggdrasil = {
       enable = true;
       AllowedPublicKeys = [