l retiolum: open configured tinc port
This commit is contained in:
parent
c83cd3492a
commit
2d1160c062
|
@ -88,7 +88,6 @@
|
|||
};
|
||||
krebs.iptables.tables.filter.INPUT.rules = [
|
||||
{ predicate = "-p tcp --dport smtp"; target = "ACCEPT"; }
|
||||
{ predicate = "-p tcp --dport 993"; target = "ACCEPT"; }
|
||||
];
|
||||
}
|
||||
];
|
||||
|
|
|
@ -1,12 +1,14 @@
|
|||
{ pkgs, ... }:
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
{
|
||||
|
||||
krebs.iptables = {
|
||||
tables = {
|
||||
filter.INPUT.rules = [
|
||||
{ predicate = "-p tcp --dport tinc"; target = "ACCEPT"; }
|
||||
{ predicate = "-p udp --dport tinc"; target = "ACCEPT"; }
|
||||
filter.INPUT.rules = let
|
||||
tincport = toString config.krebs.build.host.nets.retiolum.tinc.port;
|
||||
in [
|
||||
{ predicate = "-p tcp --dport ${tincport}"; target = "ACCEPT"; }
|
||||
{ predicate = "-p udp --dport ${tincport}"; target = "ACCEPT"; }
|
||||
];
|
||||
};
|
||||
};
|
||||
|
|
Loading…
Reference in New Issue
Block a user