{ ... }:
{
  networking.firewall.enable = true;
}