kiara/Fediversity
1
0
Fork 0
forked from fediversity/fediversity
Code Pull requests Activity

plug hole in firewall

Browse source 
format
This commit is contained in:
Kiara Grouwstra 2025-08-04 10:34:50 +02:00
parent 781de49c67
commit 0f4089d430
Signed by: kiara
SSH key fingerprint: SHA256:COspvLoLJ5WC5rFb9ZDe5urVCkK4LJZOsjfF4duRJFU
1 changed files with 12 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
machines/dev/fedi203/woodpecker.nix
View file

@ -203,14 +203,20 @@
networking = {
nftables.enable = lib.mkForce false;
firewall = {
allowedTCPPorts = [
22
80
443
];
# needed for podman to be able to talk over dns
interfaces."podman0" = {
allowedUDPPorts = [ 53 ];
allowedTCPPorts = [ 53 ];
};
};
};
networking.firewall.allowedTCPPorts = [
22
80
443
];
virtualisation.podman = {
enable = true;
autoPrune = {