From 6918146846928e5c8848c18768dbcf4b769d67e2 Mon Sep 17 00:00:00 2001
From: albert
Date: Tue, 22 Oct 2024 15:02:14 +0200
Subject: [PATCH] Update firewall ports
---
 nixos/hosts/framework-server/firewall.nix | 56 +++++++++++++----------
 1 file changed, 33 insertions(+), 23 deletions(-)
diff --git a/nixos/hosts/framework-server/firewall.nix b/nixos/hosts/framework-server/firewall.nix
index 068f0fb2..e52003c1 100644
--- a/nixos/hosts/framework-server/firewall.nix
+++ b/nixos/hosts/framework-server/firewall.nix
@@ -2,29 +2,39 @@
 networking = {
 firewall = {
 enable = true;
- interfaces.wireguard0 = {
- allowedTCPPorts = [
- # 53 # DNS
- 80 # HTTP
- 443 # HTTPS
- 42420 # Vintage Story
- 25565 # Minecraft
- 1443 # Headscale DERP (tcp)
- 25 # Mailserver
- 143 # Mailserver
- 465 # Mailserver
- 587 # Mailserver
- 993 # Mailserver
- 4190 # Mailserver
- # 5696 # dsm-kmip server
- 4443 # Jitsi
- ];
- allowedUDPPorts = [
- # 53 # DNS (udp)
- 10000 # Jitsi Meet (udp)
- # 15636 # Enshrouded - Game
- # 15637 # Enshrouded - Query Port
- ];
+ interfaces = {
+ tailscale0 = {
+ allowedTCPPorts = [
+ 22 # SSH
+ 53 # DNS
+ 80 # HTTP
+ 443 # HTTPS
+ 5696 # dsm-kmip server
+ ];
+ };
+ wireguard0 = {
+ allowedTCPPorts = [
+ # 53 # DNS
+ 80 # HTTP
+ 443 # HTTPS
+ 42420 # Vintage Story
+ 25565 # Minecraft
+ 1443 # Headscale DERP (tcp)
+ 25 # Mailserver
+ 143 # Mailserver
+ 465 # Mailserver
+ 587 # Mailserver
+ 993 # Mailserver
+ 4190 # Mailserver
+ 4443 # Jitsi
+ ];
+ allowedUDPPorts = [
+ # 53 # DNS (udp)
+ 10000 # Jitsi Meet (udp)
+ # 15636 # Enshrouded - Game
+ # 15637 # Enshrouded - Query Port
+ ];
+ };
 };
 };
 };
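Review bot: The new `tailscale0` block opens 53 for TCP only and defines no `allowedUDPPorts`, so if this host is meant to answer DNS for tailnet clients, ordinary UDP queries would still be dropped on that interface as far as this file shows. Either add `allowedUDPPorts = [ 53 ];` under `tailscale0` or drop the TCP entry if DNS is not served there. Separately, 22 and 5696 are allowed for every peer that reaches the host over `tailscale0`, so access to SSH and the KMIP key server rests on the tailnet ACLs and on each service's own authentication. A comment on the 5696 line would make that dependency explicit for the next reader, for example `5696 # dsm-kmip server (clients: <expected nodes>; restricted by tailnet ACL)`.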