From 5855d2384d7ca8612d10e17b124004c15302a755 Mon Sep 17 00:00:00 2001
From: Katharina Heidenreich
Date: Sat, 14 Mar 2026 14:22:25 +0100
Subject: [PATCH] =?UTF-8?q?feat:=20add=20dynamic=20p=C3=83ort=20forwarding?= =?UTF-8?q?=20definitions?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 data/services.nix | 10 ++++++++++
 services/autossh.nix | 9 ++++-----
 2 files changed, 14 insertions(+), 5 deletions(-)
diff --git a/data/services.nix b/data/services.nix
index 502b15d..3aa1246 100644
--- a/data/services.nix
+++ b/data/services.nix
@@ -23,6 +23,16 @@ rec {
 autossh = {
 key_path = "/etc/auto-ssh_secrets/key";
 known_hosts = "/etc/auto-ssh_secrets/known_hosts";
+ forwards = [{
+ remote = 80;
+ localAddress = "localhost";
+ localPort = 80;
+ }
+ {
+ remote = 443;
+ localAddress = "localhost";
+ localPort = 443;
+ }];
 };
 }
diff --git a/services/autossh.nix b/services/autossh.nix
index 2345d84..9c2d93f 100644
--- a/services/autossh.nix
+++ b/services/autossh.nix
@@ -4,10 +4,9 @@ let
 net = import ../data/network.nix;
 serv = import ../data/services.nix;
- remoteListenHost = "0.0.0.0";
- remoteListenPort = 80;
- localHost = "localhost";
- localPort = 80;
+ forwardStrings = map (port: "-R ${toString port.remote}:${port.localAddress}:${toString port.localPort}") serv.autossh.forwards;
+ forwardString = builtins.concatStringsSep " " forwardStrings;
+
 sshHost = net.services.remoteProxy.ip;
 sshPort = 22;
 sshUser = "root";
@@ -39,7 +38,7 @@ in
 -o ServerAliveInterval=10 \
 -o ExitOnForwardFailure=yes \
 -o UserKnownHostsFile=${trustedHostsFile} \
- -R ${toString remoteListenPort}:${localHost}:${toString localPort} \
+ ${forwardString} \
 -i ${sshKeyPath} \
 -p ${toString sshPort} \
 ${sshUser}@${sshHost}
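Review bot: The new `forwards` list has no comment describing its schema, and the field `remote` does not say it is a port while its siblings are `localAddress` and `localPort`. Renaming it to `remotePort` (with the matching change in services/autossh.nix) and adding a comment above the list, for example `# each entry becomes one "ssh -R remotePort:localAddress:localPort"; adding an entry opens a listener on the proxy`, would make the consequence of editing this file visible where the edit happens. The enclosing `rec` set starts outside the hunk.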
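Review bot: `forwardStrings` emits `-R` without a bind address, just as the old option did; the removed `remoteListenHost = "0.0.0.0"` was never passed to it. Whether 80 and 443 listen on loopback or on every interface of the proxy is therefore decided by the server's `GatewayPorts` setting alone. Adding a `remoteAddress` field and emitting `-R ${port.remoteAddress}:${toString port.remote}:…` would state the intended exposure in the repository, though sshd honours it only under `GatewayPorts clientspecified`. `port.localAddress` is also interpolated into a shell command unquoted; wrapping the values in `lib.escapeShellArg` (if `lib` is in scope here, which the hunk does not show) keeps a stray space or metacharacter in the data file from altering the command. The `let` block continues outside the hunk.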
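Review bot: Nothing on this side bounds what the login can open on the proxy now that `${forwardString}` is generated from a data file, and the session runs as `root` (`sshUser`, set in the previous hunk) with the key given by `-i ${sshKeyPath}`. Root is needed because sshd lets only root forward ports below 1024, so the limit has to be placed on the proxy. Prefixing the key in its authorized_keys with `restrict,port-forwarding,permitlisten="80",permitlisten="443"` keeps a widened `forwards` list or a copied key from opening other listeners or getting a shell. A comment next to this line such as `# remote listeners must also be allowed by permitlisten= on the proxy` would record that dependency. An empty `forwards` would leave this command holding a root session with no forward, so an assertion that the list is non-empty may be worth adding. The script body starts and ends outside the hunk.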