kyle/imladris
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

rift: open firewall for mc-proxy (443, 8443, 9443) and exod (8080, 9090)

Browse Source 
Remove implicit reliance on temp iptables rules. All externally
accessible ports are now declared in NixOS config.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Kyle Isom
2026-03-25 19:51:38 -07:00
parent 87be4e34d3
commit a09dd925ac
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
hw/rift/default.nix
View File

@@ -10,8 +10,8 @@
# Allow rootless containers (Podman) to bind port 53 for CoreDNS (MCNS precursor). # Allow rootless containers (Podman) to bind port 53 for CoreDNS (MCNS precursor).
boot.kernel.sysctl."net.ipv4.ip_unprivileged_port_start" = 53; boot.kernel.sysctl."net.ipv4.ip_unprivileged_port_start" = 53;
# Open DNS port for LAN clients querying CoreDNS. # Open ports: DNS (53), mc-proxy (443, 8443, 9443), exod (8080, 9090).
networking.firewall.allowedTCPPorts = [ 53 ]; networking.firewall.allowedTCPPorts = [ 53 443 8443 9443 8080 9090 ];
networking.firewall.allowedUDPPorts = [ 53 ]; networking.firewall.allowedUDPPorts = [ 53 ];
}; };
} }