From e1140ef7ea4c644707b24911f779c276a14a268e Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 19 Apr 2016 13:22:43 +0200 Subject: l 1 dishfire: open http[s] ports --- lass/1systems/dishfire.nix | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'lass/1systems') diff --git a/lass/1systems/dishfire.nix b/lass/1systems/dishfire.nix index dd1d1e541..b5e551952 100644 --- a/lass/1systems/dishfire.nix +++ b/lass/1systems/dishfire.nix @@ -7,7 +7,6 @@ ../2configs/default.nix ../2configs/exim-retiolum.nix ../2configs/git.nix - ../2configs/websites/fritz.nix { boot.loader.grub = { device = "/dev/vda"; @@ -55,6 +54,15 @@ mk_sql_pair ]; } + { + imports = [ + ../2configs/websites/fritz.nix + ]; + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-p tcp --dport http"; target = "ACCEPT"; } + { predicate = "-p tcp --dport https"; target = "ACCEPT"; } + ]; + } ]; krebs.build.host = config.krebs.hosts.dishfire; -- cgit v1.2.3