SelfPrivacy/selfprivacy-nixos-config
1
0
Fork 0
mirror of https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config.git synced 2025-01-06 16:14:17 +00:00
Code Issues Projects Releases Wiki Activity

fix: Remove lib.mkForce from allowed ports as it prevents SP modules from opening required ports

Browse source
This commit is contained in:
Inex Code 2024-12-26 18:19:21 +03:00
parent 5bc89e3359
commit bf299b19b8
No known key found for this signature in database
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
configuration.nix
View file

@ -83,8 +83,8 @@ in
domain = config.selfprivacy.domain; domain = config.selfprivacy.domain;
usePredictableInterfaceNames = false; usePredictableInterfaceNames = false;
firewall = { firewall = {
allowedTCPPorts = lib.mkForce [ 22 25 80 143 443 465 587 993 4443 8443 ]; allowedTCPPorts = [ 22 25 80 143 443 465 587 993 4443 8443 ];
allowedUDPPorts = lib.mkForce [ 8443 10000 ]; allowedUDPPorts = [ 8443 10000 ];
extraCommands = '' extraCommands = ''
iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
iptables --append FORWARD --in-interface vpn00 -j ACCEPT iptables --append FORWARD --in-interface vpn00 -j ACCEPT