diff --git a/modules/system/networking.nix b/modules/system/networking.nix
index c2f00f6..3536ae6 100644
--- a/modules/system/networking.nix
+++ b/modules/system/networking.nix
@@ -1,11 +1,34 @@
-{ config, lib, pkgs, ... }: {
-  programs.mtr.enable = true;
-  networking = {
-    firewall = {
-      enable = true;
-      allowedTCPPorts = [ 443 80 ];
-      allowedUDPPorts = [ 443 80 ];
-      allowPing = false;
+{ config, lib, pkgs, user, ... }:
+let
+  this = config.system.networking;
+in
+with lib; {
+  options = {
+    system.networking = {
+      enable = mkOption {
+        default = true;
+        type = with types; bool;
+      };
+
+      allowedPorts = mkOption {
+        default = with pkgs; [ 443 80 ];
+        type = with types; listOf port;
+        description = "List of ports that can be opened. Applies to both UDP and TCP";
+      };
+    };
+  };
+
+  config = mkIf this.enable {
+    networking.networkmanager.enable = true;
+    users.users."${user.name}".extraGroups = [ "networkmanager" ];
+    programs.mtr.enable = true;
+    networking = {
+      firewall = {
+        enable = true;
+        allowedTCPPorts = this.allowedPorts;
+        allowedUDPPorts = this.allowedPorts;
+        allowPing = false;
+      };
     };
   };
 }
diff --git a/profiles/laptop.nix b/profiles/laptop.nix
index 54b2703..811fccc 100644
--- a/profiles/laptop.nix
+++ b/profiles/laptop.nix
@@ -1,6 +1,4 @@
 { config, lib, pkgs, user, ... }: {
   imports = [ ./graphical.nix ];
   my.system.boot.enable = true;
-  networking.networkmanager.enable = true;
-  users.users."${user.name}".extraGroups = [ "networkmanager" ];
 }