From 65e35680723897442bab4a8f001185990317a83e Mon Sep 17 00:00:00 2001
From: soraefir <soraefir+git@helcel>
Date: Fri, 8 May 2026 01:18:02 +0200
Subject: [PATCH] Db

---
 modules/server/nftables/default.nix | 2 +-
 systems/sandbox/cfg.nix             | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/modules/server/nftables/default.nix b/modules/server/nftables/default.nix
index af32eec..1c9a4f6 100644
--- a/modules/server/nftables/default.nix
+++ b/modules/server/nftables/default.nix
@@ -15,7 +15,7 @@ in{
           ct state established,related accept
           iifname "lo" accept
           tcp dport {22} accept
-          ${if cfg.db then ''tcp dport {5432, 6379} ip saddr { 10.0.0.0/8, 169.254.0.0/16 } accept'' else ""}
+          ${if builtins.length cfg.db > 0 then ''tcp dport {5432, 6379} ip saddr { 10.0.0.0/8, 169.254.0.0/16 } accept'' else ""}
           ${if cfg.web then ''tcp dport {80, 443} accept
           udp dport {80, 443} accept'' else ""}
           
diff --git a/systems/sandbox/cfg.nix b/systems/sandbox/cfg.nix
index ac76081..63c1f7f 100644
--- a/systems/sandbox/cfg.nix
+++ b/systems/sandbox/cfg.nix
@@ -22,6 +22,7 @@
       openssh = true;
       web = true;
       sops = true;
+      db = [ "_" ];
 
       hostDomain = "test.helcel.net";
       shortName = "testcel";