forked from pub-solar/infra
Merge pull request 'nachtigall: forgejo: update firewall settings' (#137) from fix/git-forgejo-open-service-port-in-firewall into main
Reviewed-on: pub-solar/infra#137 Reviewed-by: b12f <b12f@noreply.git.pub.solar>
This commit is contained in:
commit
9191729f5c
|
@ -42,7 +42,7 @@
|
||||||
users.groups.gitea = {};
|
users.groups.gitea = {};
|
||||||
|
|
||||||
# Expose SSH port only for forgejo SSH
|
# Expose SSH port only for forgejo SSH
|
||||||
networking.firewall.interfaces.enp35s0.allowedTCPPorts = [ 22 ];
|
networking.firewall.interfaces.enp35s0.allowedTCPPorts = [ 2223 ];
|
||||||
networking.firewall.extraCommands = ''
|
networking.firewall.extraCommands = ''
|
||||||
iptables -t nat -i enp35s0 -I PREROUTING -p tcp --dport 22 -j REDIRECT --to-ports 2223
|
iptables -t nat -i enp35s0 -I PREROUTING -p tcp --dport 22 -j REDIRECT --to-ports 2223
|
||||||
'';
|
'';
|
||||||
|
|
Loading…
Reference in a new issue