1# Open firewall ports for Syncthing (home-manager user service).
 2#
 3# Syncthing runs as a home-manager service which cannot manage system firewall.
 4# This NixOS module opens the required ports:
 5#   - TCP 22000: Sync protocol (file transfer)
 6#   - UDP 22000: QUIC sync protocol
 7#   - UDP 21027: Local discovery (LAN broadcast)
 8{
 9  networking.firewall = {
10    allowedTCPPorts = [ 22000 ];
11    allowedUDPPorts = [
12      22000
13      21027
14    ];
15  };
16}