cilly/flakes
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

services/unbound: open firewall for dns from containers

Browse source
This commit is contained in:
Cilly Leang 2026-03-15 23:34:58 +11:00
parent a2f82bc7d5
commit 5722249dd2
Signed by: cilly
GPG key ID: 6500251E087653C9
1 changed files with 4 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

4
modules/services/unbound.nix
View file

@ -7,6 +7,10 @@ let
grep '^0\.0\.0\.0' "${inputs.stevenblack-hosts}/hosts" | awk '{print "local-zone: \""$2"\" always_refuse"}' | tail -n +2 >> "$out" grep '^0\.0\.0\.0' "${inputs.stevenblack-hosts}/hosts" | awk '{print "local-zone: \""$2"\" always_refuse"}' | tail -n +2 >> "$out"
''; '';
in { in {
networking.firewall.interfaces."ve-+" = {
allowedUDPPorts = [ 53 853 ];
allowedTCPPorts = [ 53 853 ];
};
networking.firewall.interfaces.wg0 = { networking.firewall.interfaces.wg0 = {
allowedUDPPorts = [ 53 853 ]; allowedUDPPorts = [ 53 853 ];
allowedTCPPorts = [ 53 853 ]; allowedTCPPorts = [ 53 853 ];