From 8af465e7ba38993b8ab730ce8edeb9e336868753 Mon Sep 17 00:00:00 2001
From: Dmitry Voronin
Date: Wed, 14 Aug 2024 20:59:42 +0300
Subject: [PATCH] Home : Allow ssh connection from vpn.

---
 host/home/Network.nix | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/host/home/Network.nix b/host/home/Network.nix
index edf19da8..17edfdec 100644
--- a/host/home/Network.nix
+++ b/host/home/Network.nix
@@ -31,10 +31,10 @@ in {
 extraCommands = let cfg = config.container.module;
- # mkForward = src: sport: dst: dport: proto: "iptables -t nat -I PREROUTING -i ${src} -p ${proto} --dport ${toString sport} -j DNAT --to-destination ${dst}:${toString dport}\n";
 mkForward = src: sport: dst: dport: proto: "iptables -t nat -I PREROUTING -d ${src} -p ${proto} --dport ${toString sport} -j DNAT --to-destination ${dst}:${toString dport}\n";
 in '' iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -d 0/0 -o ${wan} -j MASQUERADE
+ iptables -I INPUT -j ACCEPT -s ${cfg.vpn.address} -d ${internal}
 '' + (mkForward internal cfg.dns.port cfg.dns.address cfg.dns.port "tcp") + (mkForward internal cfg.dns.port cfg.dns.address cfg.dns.port "udp")
@@ -61,14 +61,14 @@ in {
 ; interfaces = {
- "${wan}" = {
+ ${wan} = {
 allowedUDPPorts = [ ]; allowedTCPPorts = [ # 22143
 ]; };
- "${lan}" = {
+ ${lan} = {
 allowedUDPPorts = [ ]; allowedTCPPorts = [
@@ -84,7 +84,7 @@ in {
 ]; interfaces = {
- "${lan}".ipv4 = {
+ ${lan}.ipv4 = {
 addresses = [{ address = internal; prefixLength = 24;
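Review bot: The added rule `iptables -I INPUT -j ACCEPT -s ${cfg.vpn.address} -d ${internal}` in the first hunk accepts every protocol and port from the VPN address, while the commit title only asks for SSH; narrow it to the service, e.g. `iptables -I INPUT -s ${cfg.vpn.address} -d ${internal} -p tcp --dport 22 -j ACCEPT` (with the sshd port actually in use). Because it is inserted at the head of INPUT instead of into the nixos-fw chain, it is evaluated before the declarative firewall rules and matches on source address alone, so adding `-i <vpn interface>` would stop a packet with a spoofed source arriving on another interface from matching. Nothing visible removes the rule in `extraStopCommands`, so it presumably survives firewall reloads and is duplicated on each restart; verify this and either add a matching `-D` in extraStopCommands or express the allowance through `networking.firewall.interfaces.<vpn-if>.allowedTCPPorts`. The `extraCommands` definition continues beyond this hunk.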