fireall + enabled services on miniserver

2024-06-15 00:50:28 -06:00
parent fbf81f60ce
commit e726ebedc1
2 changed files with 27 additions and 26 deletions
--- a/modules/servers/qbittorrent.nix
+++ b/modules/servers/qbittorrent.nix
@@ -1,4 +1,8 @@
-{ lib, config, pkgs, proxyReverse, ... }: {
+{ lib, config, pkgs, proxyReverse, ... }:
+let
+  port = 9091;
+  ports = [ port 51413 ];
+in {
  options.my.servers.qbittorrent.enable = lib.mkEnableOption "enable";
  config = lib.mkIf config.my.servers.qbittorrent.enable {
    systemd = {
@@ -49,7 +53,11 @@
    services.nginx = {
      enable = true;
      virtualHosts."xfwmrle6h6skqujbeizw.${config.my.domain}" =
-        proxyReverse 9091 // { };
+        proxyReverse port // { };
+    };
+    networking.firewall = {
+      allowedTCPPorts = ports;
+      allowedUDPPorts = ports;
    };
  };
 }