feat: auto forward ports and open firewall

2026-03-16 19:05:55 +01:00 · 2026-03-16 19:05:55 +01:00 · 44d2263bdf
commit 44d2263bdf
parent b166c58127
4 changed files with 20 additions and 13 deletions
--- a/data/network.nix
+++ b/data/network.nix
@ -95,4 +95,13 @@ rec {
  dnsMappings = lib.filterAttrs _predOnlyLocalObjs _dnsMappingObjects;

  reverse_proxy = lib.filterAttrs (name: value: value ? reverse_proxy) services;
+
+  _portsUsedInService = (service: if service ? reverse_proxy 
+    then if service.reverse_proxy ? listen
+      then map (obj: obj.port) service.reverse_proxy.listen
+      else if service.reverse_proxy ? ssl && service.reverse_proxy.ssl
+        then [80 443]
+        else [80]
+    else [80]);
+  usedPorts = lib.unique (lib.concatLists (map _portsUsedInService (builtins.attrValues services)));
 }
--- a/data/services.nix
+++ b/data/services.nix
@ -23,16 +23,7 @@ rec {
  autossh = {
    key_path = "/etc/auto-ssh_secrets/key";
    known_hosts = "/etc/auto-ssh_secrets/known_hosts";
-    forwards = [{
-      remote = 80;
-      localAddress = "localhost";
-      localPort = 80;
-    }
-    {
-      remote = 443;
-      localAddress = "localhost";
-      localPort = 443;
-    }];
+    forwards = [];
  };
 }