migrate firewall config increase security

modules/nixos/common/incus.nix

@@ -14,6 +14,20 @@
   };
 
   networking = {
+    firewall = {
+      enable = true;
+      interfaces = {
+        ygg0 = {
+          allowedTCPPorts = [ 22 ];
+          allowedUDPPorts = [ ];
+        };
+      };
+
+      # Default deny policy for all interfaces (including ygg0)
+      allowPing = false;
+      allowedTCPPorts = [ ];
+      allowedUDPPorts = [ ];
+    };
     dhcpcd.enable = false;
     useDHCP = false;
     useHostResolvConf = false;