From b6b8d698523c3450da53cdbc88b34ffd2abe2f98 Mon Sep 17 00:00:00 2001
From: Hendrik Sokolowski <hensoko@gssws.de>
Date: Fri, 5 Apr 2024 18:39:43 +0200
Subject: [PATCH] nachtigall: forgejo: update firewall settings

---
 hosts/nachtigall/apps/forgejo.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hosts/nachtigall/apps/forgejo.nix b/hosts/nachtigall/apps/forgejo.nix
index 66d8a2e..647f83e 100644
--- a/hosts/nachtigall/apps/forgejo.nix
+++ b/hosts/nachtigall/apps/forgejo.nix
@@ -42,7 +42,7 @@
   users.groups.gitea = {};
 
   # Expose SSH port only for forgejo SSH
-  networking.firewall.interfaces.enp35s0.allowedTCPPorts = [ 22 ];
+  networking.firewall.interfaces.enp35s0.allowedTCPPorts = [ 2223 ];
   networking.firewall.extraCommands = ''
     iptables -t nat -i enp35s0 -I PREROUTING -p tcp --dport 22 -j REDIRECT --to-ports 2223
   '';