Refactor firewall ports

2024-03-05 22:57:26 +02:00 · 2024-03-05 22:57:26 +02:00 · a802211b1f
commit a802211b1f
parent 2d3512483a
1 changed files with 19 additions and 8 deletions
--- a/configuration.nix
+++ b/configuration.nix
@ -800,20 +800,31 @@ in {
      to = max-port;
    }];
    allowedUDPPorts = [
-      53 # blocky
-      3478 5349 # coturn
-      settings.ports.qbittorrent-out # qbittorrent
+      config.services.blocky.settings.ports.dns
+
+      # coturn
+      3478
+      5349
+
+      settings.ports.qbittorrent-out
    ];
    allowedTCPPorts = [
-      53 # blocky
+      22 # ssh
+      config.services.blocky.settings.ports.dns
+
+      #  HTTP/HTTPS
      80
-      443 #  HTTP/HTTPS
+      443
+
+      # coturn
      3478
-      5349 # coturn
-      settings.ports.qbittorrent-out # qbittorrent
+      5349
+
+      settings.ports.qbittorrent-out
      settings.ports.privoxy
      25566 # modded minecraft
-      2222 # forgejo ssh
+
+      config.services.forgejo.settings.server.SSH_PORT
    ];
  };