summaryrefslogtreecommitdiffstats
path: root/lass/2configs/retiolum.nix
diff options
context:
space:
mode:
authormakefu <github@syntax-fehler.de>2017-09-19 16:38:07 +0200
committermakefu <github@syntax-fehler.de>2017-09-19 16:38:07 +0200
commitcfca733473620e1b7be7e62a96f20958fedf9068 (patch)
tree4d69217c6c292e6524c05ce0ffa36ac209c6cad9 /lass/2configs/retiolum.nix
parent21c284a2c7b4fcb330f0c90ccd773f65f78721aa (diff)
parente822f88199f11fe75e2a38a0e5f9806a8c9ba5cf (diff)
Merge remote-tracking branch 'lass/master'
Diffstat (limited to 'lass/2configs/retiolum.nix')
-rw-r--r--lass/2configs/retiolum.nix10
1 files changed, 6 insertions, 4 deletions
diff --git a/lass/2configs/retiolum.nix b/lass/2configs/retiolum.nix
index e7779f53e..fb76c5735 100644
--- a/lass/2configs/retiolum.nix
+++ b/lass/2configs/retiolum.nix
@@ -1,12 +1,14 @@
-{ pkgs, ... }:
+{ config, pkgs, ... }:
{
krebs.iptables = {
tables = {
- filter.INPUT.rules = [
- { predicate = "-p tcp --dport tinc"; target = "ACCEPT"; }
- { predicate = "-p udp --dport tinc"; target = "ACCEPT"; }
+ filter.INPUT.rules = let
+ tincport = toString config.krebs.build.host.nets.retiolum.tinc.port;
+ in [
+ { predicate = "-p tcp --dport ${tincport}"; target = "ACCEPT"; }
+ { predicate = "-p udp --dport ${tincport}"; target = "ACCEPT"; }
];
};
};