{ pkgs, lib, ...}: { nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ "mongodb" "unifi-controller" ]; networking.firewall.allowedTCPPorts = [8443]; # open unifi web interface port services.unifi = { enable = true; unifiPackage = pkgs.unifi7; openFirewall = true; }; }