diff --git a/infra/common/nixos/nftables-ruleset.nft b/infra/common/nixos/nftables-ruleset.nft
index 0bd23c33..d64f1e2a 100644
--- a/infra/common/nixos/nftables-ruleset.nft
+++ b/infra/common/nixos/nftables-ruleset.nft
@@ -43,7 +43,8 @@ table inet filter {
         ip6 nexthdr icmpv6 icmpv6 type { destination-unreachable, echo-reply, echo-request, nd-neighbor-solicit,  nd-router-advert, nd-neighbor-advert, packet-too-big, parameter-problem, time-exceeded } accept
 
         # open tcp ports: sshd (22)
-        tcp dport {ssh} accept
+        # 8080: used in atticd
+        tcp dport {ssh,8080} accept
 
         # open tcp ports: snmp (161)
         ip saddr $snmp_allow udp dport {snmp} accept