feat: no more recusion, simplified the function

applications/firewall.nix

@@ -16,14 +16,6 @@
           A list of routes to forward
         '';
       };
-      # need to seperate it out as to not cause infinite loops
-      forward_parsed = lib.mkOption {
-        default = "";
-        type = lib.types.str;
-        description = ''
-          A list of routes to forward joined as a single string
-        '';
-      };
     };
   };
 
@@ -77,7 +69,7 @@
           # ip saddr 193.1.99.123 tcp dport 443 counter packets 0 bytes 0 accept
 
           # can basically make each machiene responsibile for their own forwarding (in config at least)
-          ${config.skynet_firewall.forward_parsed}
+          ${lib.strings.concatMapStrings (x: x + "\n") config.skynet_firewall.forward}
 
           counter packets 0 bytes 0 reject with icmp type admin-prohibited
         }

machines/test01.nix

@@ -15,15 +15,16 @@
     enable = true;
 
     # gonna have to get all the
-    forward_parsed =
-      # merge together with a newline char
-      lib.strings.concatMapStrings (x: x + "\n") (
-        # merge the lists together
-        builtins.concatLists (
-          # using this function "(key: value: value.config.skynet_firewall.forward)" turn the values ointo a list
-          lib.attrsets.mapAttrsToList (key: value: value.config.skynet_firewall.forward) nodes
-        )
-      );
+    forward = builtins.concatLists (
+      # using this function "(key: value: value.config.skynet_firewall.forward)" turn the values ointo a list
+      lib.attrsets.mapAttrsToList (key: value:
+        # make sure that anything running this firewall dosent count (recursion otherewise)
+        # firewall may want to open ports in itself but can deal with that later
+        if value.config.skynet_firewall.enable
+        then []
+        else value.config.skynet_firewall.forward
+      ) nodes
+    );
   };
 
 }