From 7b5188125f010f2678fd2b23c7be2eb950c501ef Mon Sep 17 00:00:00 2001 From: iFargle Date: Sat, 2 Dec 2023 22:43:53 +0900 Subject: [PATCH] Add xinetd configs --- nixos/hosts/osaka-vultr-01/xinetd.nix | 23 ++++++++++++++++++----- 1 file changed, 18 insertions(+), 5 deletions(-) diff --git a/nixos/hosts/osaka-vultr-01/xinetd.nix b/nixos/hosts/osaka-vultr-01/xinetd.nix index 85b2093c..f45e6dfc 100644 --- a/nixos/hosts/osaka-vultr-01/xinetd.nix +++ b/nixos/hosts/osaka-vultr-01/xinetd.nix @@ -1,9 +1,22 @@ { config, lib, pkgs, ... }: { - networking.firewall.allowedTCPPorts = [ - 80 - 443 - 8080 - ]; + networking.firewall.allowedUDPPorts = [ + 3478 # Headscale DERP UDP + 10000 # Jitsi + ]; + networking.firewall.allowedTCPPorts = [ + 80 # HTTP + 443 # HTTPS + 25 # SMTP (explicit TLS => STARTTLS) + 465 # ESMTP (implicit TLS) + 587 # ESMTP (explicit TLS => STARTTLS) + 143 # IMAP4 (explicit TLS => STARTTLS) + 993 # IMAP4 (implicit TLS) + 4190 # Sieve support + 42420 # Vintage Story + 25565 # Minecraft + 1443 # Headscale DERP + 4443 # jitsi-jvb + ]; services.xinetd = { enable = true;