diff options
| author | Alejandro Soto <alejandro@34project.org> | 2023-02-10 11:43:18 -0600 |
|---|---|---|
| committer | Alejandro Soto <alejandro@34project.org> | 2023-02-10 11:43:18 -0600 |
| commit | 7443b4290428e003300ab6070e577c2e9ae1771b (patch) | |
| tree | 69804c5c48526b8bf8c2ce0bcbec26c96d95d7b5 /sys | |
| parent | 76d055cc22c72129073258968105e1e1e1a41dd0 (diff) | |
sys/nspawn: open dmz ports on firewall
Diffstat (limited to '')
| -rw-r--r-- | sys/nspawn.nix | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/sys/nspawn.nix b/sys/nspawn.nix index 6f1558c..2f23cff 100644 --- a/sys/nspawn.nix +++ b/sys/nspawn.nix @@ -122,9 +122,13 @@ in }; }; - networking.firewall.interfaces.ve-dmz = { - allowedTCPPorts = [ cfg.mailHost.saslPort cfg.mailHost.lmtpPort ]; - allowedUDPPorts = [ 67 ]; # DHCP + networking.firewall = { + allowedTCPPorts = [ 25 80 143 443 587 ]; + + interfaces.ve-dmz = { + allowedTCPPorts = [ cfg.mailHost.saslPort cfg.mailHost.lmtpPort ]; + allowedUDPPorts = [ 67 ]; # DHCP + }; }; }; } |