diff options
| author | Mel <einebeere@gmail.com> | 2024-12-31 03:28:30 +0100 |
|---|---|---|
| committer | Mel <einebeere@gmail.com> | 2024-12-31 03:42:24 +0100 |
| commit | 75bd8ec480ccbaa02f4e1a676ee257eec374fae3 (patch) | |
| tree | d9e52c3ed4d5883525218f94e4888ed498885a60 | |
| parent | fbe093d8a4f93dda38f390c379e8fb5eb86d8082 (diff) | |
| download | specimen-main.tar.zst specimen-main.zip | |
Signed-off-by: Mel <einebeere@gmail.com>
| -rw-r--r-- | configuration/vm/incus.nix | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/configuration/vm/incus.nix b/configuration/vm/incus.nix index dd1990b..62293e8 100644 --- a/configuration/vm/incus.nix +++ b/configuration/vm/incus.nix @@ -56,10 +56,13 @@ let }; in { - # needed so that the nixos firewall does not block - # DHCP+DNS requests from incus, and to prevent conflicts - # between the two firewalls. - networking.firewall.trustedInterfaces = [ "incusbr0" ]; + networking.firewall = { + # needed so that the nixos firewall does not block + # DHCP+DNS requests from incus, and to prevent conflicts + # between the two firewalls. + trustedInterfaces = [ "incusbr0" ]; + allowedTCPPorts = [ 23 ]; + }; # needed so inscus instances can connect to the proxy. boot.kernelModules = [ "br_netfilter" ]; virtualisation.incus = { |