summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorlassulus <lassulus@lassul.us>2017-09-19 11:51:22 +0200
committerlassulus <lassulus@lassul.us>2017-09-19 11:58:46 +0200
commit2d1160c0623461ea94d2f573d114909b64ab2b4d (patch)
treea4c7aee1caa973f0fb4680be8339a66ed9e7c008
parentc83cd3492a180e41c071e31ae8e4225b5c2083fc (diff)
l retiolum: open configured tinc port
-rw-r--r--lass/1systems/dishfire/config.nix1
-rw-r--r--lass/2configs/retiolum.nix10
2 files changed, 6 insertions, 5 deletions
diff --git a/lass/1systems/dishfire/config.nix b/lass/1systems/dishfire/config.nix
index 25e8759b1..416edeb82 100644
--- a/lass/1systems/dishfire/config.nix
+++ b/lass/1systems/dishfire/config.nix
@@ -88,7 +88,6 @@
};
krebs.iptables.tables.filter.INPUT.rules = [
{ predicate = "-p tcp --dport smtp"; target = "ACCEPT"; }
- { predicate = "-p tcp --dport 993"; target = "ACCEPT"; }
];
}
];
diff --git a/lass/2configs/retiolum.nix b/lass/2configs/retiolum.nix
index e7779f53e..fb76c5735 100644
--- a/lass/2configs/retiolum.nix
+++ b/lass/2configs/retiolum.nix
@@ -1,12 +1,14 @@
-{ pkgs, ... }:
+{ config, pkgs, ... }:
{
krebs.iptables = {
tables = {
- filter.INPUT.rules = [
- { predicate = "-p tcp --dport tinc"; target = "ACCEPT"; }
- { predicate = "-p udp --dport tinc"; target = "ACCEPT"; }
+ filter.INPUT.rules = let
+ tincport = toString config.krebs.build.host.nets.retiolum.tinc.port;
+ in [
+ { predicate = "-p tcp --dport ${tincport}"; target = "ACCEPT"; }
+ { predicate = "-p udp --dport ${tincport}"; target = "ACCEPT"; }
];
};
};