nix/nixos/hosts/osaka-linode-01/firewall.nix
iFargle e0c5b2af59
Some checks failed
ssh-test / ssh-test (push) Failing after 17m35s
Testing networking.nat.forwardPorts
2023-12-21 14:43:40 +09:00

61 lines
No EOL
1.4 KiB
Nix

{ config, lib, pkgs, ... }: {
networking.firewall.allowedUDPPorts = [
3478 # Headscale DERP UDP
10000 # Jitsi
];
networking.firewall.allowedTCPPorts = [
80 # HTTP
443 # HTTPS
# 25 # SMTP (explicit TLS => STARTTLS)
# 465 # ESMTP (implicit TLS)
# 587 # ESMTP (explicit TLS => STARTTLS)
# 143 # IMAP4 (explicit TLS => STARTTLS)
# 993 # IMAP4 (implicit TLS)
# 4190 # Sieve support
42420 # Vintage Story
25565 # Minecraft
1443 # Headscale DERP
# 4443 # jitsi-jvb
# 5222 # Jitsi
# 5347 # Jitsi
# 5280 # Jitsi
];
networking.nat.forwardPorts = [
{ # Headscale DERP UDP
destination = "10.100.0.2:3478";
proto = "udp";
sourcePort = 3478;
}
{ # Jitsi
destination = "10.100.0.2:10000";
proto = "udp";
sourcePort = 10000;
}
{ # HTTP
destination = "10.100.0.2:80";
proto = "tcp";
sourcePort = 80;
}
{ # HTTPS
destination = "10.100.0.2:443";
proto = "tcp";
sourcePort = 443;
}
{ # Vintage Story
destination = "10.100.0.2:42420";
proto = "tcp";
sourcePort = 42420;
}
{ # Minecraft
destination = "10.100.0.2:25565";
proto = "tcp";
sourcePort = 25565;
}
{ # Headscale DERP TCP
destination = "10.100.0.2:1443";
proto = "tcp";
sourcePort = 1443;
}
];
}