fix(nftables): empty peeps

2026-02-09 04:19:19 -08:00 · 2025-10-20 09:31:13 -07:00 · 2025-10-20 09:31:13 -07:00 · 0db7d3b943
commit 0db7d3b943
parent ceeb079b58
1 changed files with 2 additions and 2 deletions
--- a/modules/nixos/access/peeps.nix
+++ b/modules/nixos/access/peeps.nix
@ -15,7 +15,7 @@
  hasSops = options ? sops.secrets;
 in {
  options.networking.access.peeps = with lib.types; {
-    enable = mkEnableOption "peeps" // {default = hasSops;};
+    enable = mkEnableOption "peeps" // {default = hasSops && cfg.ranges != {};};
    ranges = mkOption {
      type = attrsOf str;
      default = {};
@ -57,7 +57,7 @@ in {
    firewall.interfaces.peeps = {
      nftables.enable = cfg.enable;
      nftables.conditions = [
-        (mkIf (cfg.enable && networking.enableIPv6) condition)
+        (mkIf (cfg.enable && networking.enableIPv6 && cfg.ranges != {}) condition)
      ];
    };
  };