jacob/nix_config
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Move pedro firewall setup to firewall.nix

Browse Source
This commit is contained in:
Jacob Hinkle 2022-10-13 08:46:54 -04:00
parent 8f2f6b45a1
commit 947dc6fbd5
2 changed files with 20 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
machines/pedro/configuration.nix
View File

@ -67,25 +67,7 @@
}; };
}; };
}; };
firewall = { firewall = import ./firewall.nix;
allowedTCPPorts = [
8384 22000 # syncthing
8080 8443 6789 8880 8843 27117 # unifi controller: https://help.ui.com/hc/en-us/articles/218506997-UniFi-Network-Required-Ports-Reference
53 8088 # pihole
#3000 # gitea
#8081 # vaultwarden
#8000 # paperless
80 443 # reverse proxy
];
allowedUDPPorts = [
22000 21027 # syncthing
3478 5514 10001 1900 123 # unifi
53 # pihole
];
allowedUDPPortRanges = [
{ from = 5656; to = 5699; } # unifi
];
};
timeServers = [ "192.168.88.1" ] ++ options.networking.timeServers.default; timeServers = [ "192.168.88.1" ] ++ options.networking.timeServers.default;
}; };

19
machines/pedro/firewall.nix Normal file
View File

@ -0,0 +1,19 @@
{
allowedTCPPorts = [
8384 22000 # syncthing
8080 8443 6789 8880 8843 27117 # unifi controller: https://help.ui.com/hc/en-us/articles/218506997-UniFi-Network-Required-Ports-Reference
53 8088 # pihole
#8123 # home-assistant
#3000 # gitea
#8081 # vaultwarden
80 443 # reverse proxy
];
allowedUDPPorts = [
22000 21027 # syncthing
3478 5514 10001 1900 123 # unifi
53 # pihole
];
allowedUDPPortRanges = [
{ from = 5656; to = 5699; } # unifi
];
}