added port forwards to services

2025-01-03 13:23:06 -06:00 · 2025-01-03 13:23:06 -06:00 · 12e1f8067b
commit 12e1f8067b
parent 6ab64fafe1
3 changed files with 14 additions and 34 deletions
--- a/modules/nixos-modules/server/pihole.nix
+++ b/modules/nixos-modules/server/pihole.nix
@ -3,7 +3,9 @@
  config,
  inputs,
  ...
-}: {
+}: let
+  dnsPort = 53;
+in {
  options.host.pihole = {
    enable = lib.mkEnableOption "should home-assistant be enabled on this computer";
    directory = lib.mkOption {
@ -80,6 +82,9 @@
          };
        };
      };
+      networking.firewall.allowedTCPPorts = [
+        dnsPort
+      ];
    }
    (lib.mkIf config.host.impermanence.enable {
      environment.persistence."/persist/system/root" = {
--- a/modules/nixos-modules/server/reverse_proxy.nix
+++ b/modules/nixos-modules/server/reverse_proxy.nix
@ -4,6 +4,8 @@
  ...
 }: let
  dataDir = "/var/lib/acme";
+  httpPort = 80;
+  httpsPort = 443;
 in {
  options.host.reverse_proxy = {
    enable = lib.mkEnableOption "turn on the reverse proxy";
@ -54,6 +56,11 @@ in {
          })
        config.host.reverse_proxy.subdomains;
      };
+
+      networking.firewall.allowedTCPPorts = [
+        httpPort
+        httpsPort
+      ];
    }
    (lib.mkIf config.host.impermanence.enable {
      # TODO: figure out how to write an assertion for this