From dd633ba55b14f9bf009c3d510967a7b0e9769180 Mon Sep 17 00:00:00 2001
From: Hendrik Sokolowski <hensoko@gssws.de>
Date: Fri, 5 Apr 2024 20:07:27 +0200
Subject: [PATCH] Add separate rules for v4 and v6

---
 hosts/nachtigall/apps/forgejo.nix | 20 ++++++++++++++------
 1 file changed, 14 insertions(+), 6 deletions(-)

diff --git a/hosts/nachtigall/apps/forgejo.nix b/hosts/nachtigall/apps/forgejo.nix
index f76e8c9..1731c76 100644
--- a/hosts/nachtigall/apps/forgejo.nix
+++ b/hosts/nachtigall/apps/forgejo.nix
@@ -43,12 +43,20 @@
 
   # Expose SSH port only for forgejo SSH
   networking.firewall.interfaces.enp35s0.allowedTCPPorts = [ 2223 ];
-  networking.nat.forwardPorts = [{
-    proto = "tcp";
-    sourcePort = 22;
-    destination = "127.0.0.1:2223";
-    loopbackIPs = [ "138.201.80.102" "2a01:4f8:172:1c25::1" ];
-  }];
+  networking.nat.forwardPorts = [
+    {
+      proto = "tcp";
+      sourcePort = 22;
+      destination = "127.0.0.1:2223";
+      loopbackIPs = [ "138.201.80.102" ];
+    }
+    {
+      proto = "tcp";
+      sourcePort = 22;
+      destination = "[::1]:2223";
+      loopbackIPs = [ "2a01:4f8:172:1c25::1" ];
+    }
+  ];
 
   services.forgejo = {
     enable = true;