expose 8080 in nftables, pending proper TLS/reverse-proxy/port (?)

2025-07-08 18:51:44 +02:00 · 2025-07-08 18:51:44 +02:00 · fe789c1819
commit fe789c1819
parent 0a615fa961
1 changed files with 2 additions and 1 deletions
--- a/infra/common/nixos/nftables-ruleset.nft
+++ b/infra/common/nixos/nftables-ruleset.nft
@ -43,7 +43,8 @@ table inet filter {
        ip6 nexthdr icmpv6 icmpv6 type { destination-unreachable, echo-reply, echo-request, nd-neighbor-solicit,  nd-router-advert, nd-neighbor-advert, packet-too-big, parameter-problem, time-exceeded } accept

        # open tcp ports: sshd (22)
-        tcp dport {ssh} accept
+        # 8080: used in atticd
+        tcp dport {ssh,8080} accept

        # open tcp ports: snmp (161)
        ip saddr $snmp_allow udp dport {snmp} accept