From 84b2315aa52ed67aa20d42053a009d1cace8e2bc Mon Sep 17 00:00:00 2001
From: mjallen18 <matt.l.jallen@gmail.com>
Date: Thu, 20 Nov 2025 21:23:19 -0600
Subject: [PATCH] fix fw

---
 modules/nixos/services/authentik/default.nix | 12 +++---------
 1 file changed, 3 insertions(+), 9 deletions(-)

diff --git a/modules/nixos/services/authentik/default.nix b/modules/nixos/services/authentik/default.nix
index e6e9ef5..dce9d2a 100644
--- a/modules/nixos/services/authentik/default.nix
+++ b/modules/nixos/services/authentik/default.nix
@@ -22,8 +22,8 @@ in
 
     # Open firewall for authentik if enabled
     networking.firewall = mkIf cfg.openFirewall {
-      allowedTCPPorts = [ cfg.port ];
-      allowedUDPPorts = [ cfg.port ];
+      allowedTCPPorts = [ cfg.port 4822 ];
+      allowedUDPPorts = [ cfg.port 4822 ];
     };
 
     # Ensure PostgreSQL is configured for authentik
@@ -49,7 +49,7 @@ in
       image = "ghcr.io/goauthentik/rac";
       ports = [ "4822:4822" ];
       volumes = [
-        "/media/nas/main/nix-app-data/authenic-rac:/media"
+        "/media/nas/main/nix-app-data/authentik-rac:/media"
       ];
       # environmentFiles = [
       #   "/media/nas/main/nix-app-data/lubelogger/lubelogger.env"
@@ -63,11 +63,5 @@ in
         TZ = "America/Chicago";
       };
     };
-
-    # Open firewall for lubelogger if enabled
-    networking.firewall = mkIf cfg.openFirewall {
-      allowedTCPPorts = [ 4822 ];
-      allowedUDPPorts = [ 4822 ];
-    };
   };
 }