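# NixOS module: declares which inbound ports the host firewall accepts.
#
# The original opened one shared list on both TCP and UDP. The lists below
# split it by protocol where the protocol is known, so a TCP-only service no
# longer gets a UDP rule and the WireGuard port no longer gets a TCP rule.
{ ... }:

let
  # Labelled services reached over TCP (web front ends plus Gitea's SSH
  # listener).
  # NOTE(review): the protocol is inferred from the service labels; confirm
  # against each service's actual listener.
  tcpPorts = [
    8008 # restic
    9000 # authentik
    2342 # grafana
    9943 # onlyoffice
    3000 # gitea
    2222 # gitea ssh
    6754 # lubelogger
    2283 # immich
    4444 # code-server
  ];

  # WireGuard is a UDP-only protocol, so it needs no TCP rule.
  udpPorts = [
    51820 # wireguard
  ];

  # Ports whose protocol this file does not establish. They stay open on both
  # TCP and UDP, exactly as before.
  # TODO(review): name the service behind each port, move it to tcpPorts or
  # udpPorts, and drop any port nothing listens on.
  unclassifiedPorts = [
    1025
    1143
    10200
    10300
    8127
    4000 # netbootxyz (presumably TCP; confirm before narrowing)
    4080 # netbootxyz (presumably TCP; confirm before narrowing)
    3300
    9898
    9012
    8192
  ];
in
{
  # Networking configs
  networking = {
    # useNetworkd = true;

    # hostId = "4b501480";

    # nat = {
    #   enable = true;
    #   internalInterfaces = [ "ve-+" ];
    #   externalInterface = "wlp6s0";
    #   # Lazy IPv6 connectivity for the container
    #   enableIPv6 = true;
    # };

    firewall = {
      # `enable` is left unset here; NixOS enables the firewall by default,
      # so the allow-lists below are what is reachable from the network.
      # enable = true;
      # allowPing = true;

      # These rules apply on every interface. Services that should only be
      # reachable over a VPN or LAN link can be scoped with
      # networking.firewall.interfaces.<name>.allowedTCPPorts instead.
      allowedTCPPorts = tcpPorts ++ unclassifiedPorts;
      allowedUDPPorts = udpPorts ++ unclassifiedPorts;

      # # always allow traffic from your Tailscale network
      # trustedInterfaces = [ "tailscale0" ];
    };
  };
}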