From 75bd8ec480ccbaa02f4e1a676ee257eec374fae3 Mon Sep 17 00:00:00 2001
From: Mel <einebeere@gmail.com>
Date: Tue, 31 Dec 2024 03:28:30 +0100
Subject: Allow port 23 through firewall

Signed-off-by: Mel <einebeere@gmail.com>
---
 configuration/vm/incus.nix | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

(limited to 'configuration')

diff --git a/configuration/vm/incus.nix b/configuration/vm/incus.nix
index dd1990b..62293e8 100644
--- a/configuration/vm/incus.nix
+++ b/configuration/vm/incus.nix
@@ -56,10 +56,13 @@ let
   };
 in
 {
-  # needed so that the nixos firewall does not block
-  # DHCP+DNS requests from incus, and to prevent conflicts
-  # between the two firewalls.
-  networking.firewall.trustedInterfaces = [ "incusbr0" ];
+  networking.firewall = {
+    # needed so that the nixos firewall does not block
+    # DHCP+DNS requests from incus, and to prevent conflicts
+    # between the two firewalls.
+    trustedInterfaces = [ "incusbr0" ];
+    allowedTCPPorts = [ 23 ];
+  };
   # needed so inscus instances can connect to the proxy.
   boot.kernelModules = [ "br_netfilter" ];
   virtualisation.incus = {
-- 
cgit 1.4.1