{ config, lib, pkgs, ... }:
let
  minecraft-port = 25565;
  allowedAddresses = [
    "108.30.16.212"
    "24.193.7.0/24"   
  ];
in
{
  networking.firewall.extraCommands = lib.concatMapStrings (addr: ''
    iptables -A nixos-fw -p tcp \
      --dport ${toString minecraft-port} \
      -s ${addr} \
      -j nixos-fw-accept
  '') allowedAddresses;
  services.minecraft-server = {
    eula = true;
    enable = true;
    dataDir = "/storage/srv/minecraft/annie";
  };
}