l retiolum: open configured tinc port

author: lassulus <lassulus@lassul.us> 2017-09-19 11:51:22 +0200
committer: lassulus <lassulus@lassul.us> 2017-09-19 11:58:46 +0200
commit: 2d1160c0623461ea94d2f573d114909b64ab2b4d (patch)
tree: a4c7aee1caa973f0fb4680be8339a66ed9e7c008 /lass/2configs/retiolum.nix
parent: c83cd3492a180e41c071e31ae8e4225b5c2083fc (diff)
1 files changed, 6 insertions, 4 deletions
diff --git a/lass/2configs/retiolum.nix b/lass/2configs/retiolum.nix
index e7779f53..fb76c573 100644
--- a/lass/2configs/retiolum.nix
+++ b/lass/2configs/retiolum.nix
@@ -1,12 +1,14 @@
-{ pkgs, ... }:
+{ config, pkgs, ... }:
 
 {
 
   krebs.iptables = {
     tables = {
-      filter.INPUT.rules = [
-        { predicate = "-p tcp --dport tinc"; target = "ACCEPT"; }
-        { predicate = "-p udp --dport tinc"; target = "ACCEPT"; }
+      filter.INPUT.rules = let
+        tincport = toString config.krebs.build.host.nets.retiolum.tinc.port;
+      in [
+        { predicate = "-p tcp --dport ${tincport}"; target = "ACCEPT"; }
+        { predicate = "-p udp --dport ${tincport}"; target = "ACCEPT"; }
       ];
     };
   };
author	lassulus <lassulus@lassul.us>	2017-09-19 11:51:22 +0200
committer	lassulus <lassulus@lassul.us>	2017-09-19 11:58:46 +0200
commit	2d1160c0623461ea94d2f573d114909b64ab2b4d (patch)
tree	a4c7aee1caa973f0fb4680be8339a66ed9e7c008 /lass/2configs/retiolum.nix
parent	c83cd3492a180e41c071e31ae8e4225b5c2083fc (diff)