feat: generating firewall forwarding rules from individual machiene configs complete

applications/firewall.nix

@@ -16,6 +16,14 @@
           A list of routes to forward
         '';
       };
+      # need to seperate it out as to not cause infinite loops
+      forward_parsed = lib.mkOption {
+        default = "";
+        type = lib.types.str;
+        description = ''
+          A list of routes to forward joined as a single string
+        '';
+      };
     };
   };
 
@@ -69,7 +77,7 @@
           # ip saddr 193.1.99.123 tcp dport 443 counter packets 0 bytes 0 accept
 
           # can basically make each machiene responsibile for their own forwarding (in config at least)
-          ${lib.strings.concatMapStrings (x: x + "\n") config.skynet_firewall.forward}
+          ${config.skynet_firewall.forward_parsed}
 
           counter packets 0 bytes 0 reject with icmp type admin-prohibited
         }