Network: Allow syncthing.

2024-12-13 10:48:04 +03:00 · 2024-12-13 10:48:04 +03:00 · 7ba7e25072
parent af7e9bb147
commit 7ba7e25072
5 changed files with 44 additions and 0 deletions
--- a/host/x86_64-linux/dasha/Network.nix
+++ b/host/x86_64-linux/dasha/Network.nix
@ -4,6 +4,14 @@
 			# Ssh access.
 			iptables  -I INPUT -j ACCEPT -s 10.0.0.0/8          -p tcp --dport 22143
 			ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p tcp --dport 22143
 			# Syncthing.
 			iptables  -I INPUT -j ACCEPT -s 10.0.0.0/8 -p tcp --dport 22000
 			iptables  -I INPUT -j ACCEPT -s 10.0.0.0/8 -p udp --dport 22000
 			iptables  -I INPUT -j ACCEPT -s 10.0.0.0/8 -p udp --dport 21027
 			ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p tcp --dport 22000
 			ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p udp --dport 22000
 			ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p udp --dport 21027
 		'';
 	};
 }
--- a/host/x86_64-linux/desktop/Network.nix
+++ b/host/x86_64-linux/desktop/Network.nix
@ -6,6 +6,9 @@
 			ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p tcp --dport 22143
 			# Syncthing.
 			iptables  -I INPUT -j ACCEPT -s 10.0.0.0/8 -p tcp --dport 22000
 			iptables  -I INPUT -j ACCEPT -s 10.0.0.0/8 -p udp --dport 22000
 			iptables  -I INPUT -j ACCEPT -s 10.0.0.0/8 -p udp --dport 21027
 			ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p tcp --dport 22000
 			ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p udp --dport 22000
 			ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p udp --dport 21027
--- a/host/x86_64-linux/laptop/Network.nix
+++ b/host/x86_64-linux/laptop/Network.nix
@ -4,6 +4,14 @@
 			# Ssh access.
 			iptables  -I INPUT -j ACCEPT -s 10.0.0.0/8          -p tcp --dport 22143
 			ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p tcp --dport 22143
 			# Syncthing.
 			iptables  -I INPUT -j ACCEPT -s 10.0.0.0/8 -p tcp --dport 22000
 			iptables  -I INPUT -j ACCEPT -s 10.0.0.0/8 -p udp --dport 22000
 			iptables  -I INPUT -j ACCEPT -s 10.0.0.0/8 -p udp --dport 21027
 			ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p tcp --dport 22000
 			ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p udp --dport 22000
 			ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p udp --dport 21027
 		'';
 	};
 }
--- a/host/x86_64-linux/max/Network.nix
+++ b/host/x86_64-linux/max/Network.nix
@ -0,0 +1,17 @@
 { ... }: {
 	networking = {
 		firewall.extraCommands = ''
 			# Ssh access.
 			iptables  -I INPUT -j ACCEPT -s 10.0.0.0/8          -p tcp --dport 22143
 			ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p tcp --dport 22143
 			# Syncthing.
 			iptables  -I INPUT -j ACCEPT -s 10.0.0.0/8 -p tcp --dport 22000
 			iptables  -I INPUT -j ACCEPT -s 10.0.0.0/8 -p udp --dport 22000
 			iptables  -I INPUT -j ACCEPT -s 10.0.0.0/8 -p udp --dport 21027
 			ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p tcp --dport 22000
 			ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p udp --dport 22000
 			ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p udp --dport 21027
 		'';
 	};
 }
--- a/host/x86_64-linux/pocket/Network.nix
+++ b/host/x86_64-linux/pocket/Network.nix
@ -4,6 +4,14 @@
 			# Ssh access.
 			iptables  -I INPUT -j ACCEPT -s 10.0.0.0/8          -p tcp --dport 22143
 			ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p tcp --dport 22143
 			# Syncthing.
 			iptables  -I INPUT -j ACCEPT -s 10.0.0.0/8 -p tcp --dport 22000
 			iptables  -I INPUT -j ACCEPT -s 10.0.0.0/8 -p udp --dport 22000
 			iptables  -I INPUT -j ACCEPT -s 10.0.0.0/8 -p udp --dport 21027
 			ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p tcp --dport 22000
 			ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p udp --dport 22000
 			ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 -p udp --dport 21027
 		'';
 	};
 }