🎨 (hydrogen) declare the firewall's allowedTCPPorts in the services

(openssh's port is automatically opened by the module)
This commit is contained in:
Laureηt 2023-12-30 18:32:58 +01:00
parent 336da0f8e6
commit 752d0a1ad1
Signed by: Laurent
SSH key fingerprint: SHA256:kZEpW8cMJ54PDeCvOhzreNr4FSh6R13CMGH/POoO8DI
2 changed files with 7 additions and 9 deletions

View file

@ -6,4 +6,11 @@
./nginx ./nginx
./ssh ./ssh
]; ];
networking.firewall = {
allowedTCPPorts = [
80 # http
443 # https / tls
];
};
} }

View file

@ -8,14 +8,5 @@
# domain name servers, use clouflare family # domain name servers, use clouflare family
nameservers = ["1.1.1.2" "1.0.0.2"]; nameservers = ["1.1.1.2" "1.0.0.2"];
# TODO: bouger ça à côté des applications
firewall = {
allowedTCPPorts = [
624 # ssh
80 # http
443 # https
];
};
}; };
} }