From 6658b3fcf185f6b9eef7ab1923711c35023407b2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Maciej=20Kr=C3=BCger?= <mkg20001@gmail.com>
Date: Mon, 27 Mar 2023 20:10:18 +0200
Subject: [PATCH] networking/nftables: make ruleset+rulesetFile non-exclusive

---
 nixos/modules/services/networking/nftables.nix | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/nixos/modules/services/networking/nftables.nix b/nixos/modules/services/networking/nftables.nix
index cf32876c2c5..5397917d0ce 100644
--- a/nixos/modules/services/networking/nftables.nix
+++ b/nixos/modules/services/networking/nftables.nix
@@ -273,9 +273,10 @@ in
                 ${table.content}
               }
             '') enabledTables)}
-            ${if cfg.rulesetFile != null then ''
+            ${cfg.ruleset}
+            ${lib.optionalString (cfg.rulesetFile != null) ''
               include "${cfg.rulesetFile}"
-            '' else cfg.ruleset}
+            ''}
           '';
           checkPhase = lib.optionalString cfg.checkRuleset ''
             cp $out ruleset.conf