bifrost: keep ssh port open for now

2024-11-23 00:25:40 +05:30 · 2024-11-23 00:25:40 +05:30 · dd2654a5d0
commit dd2654a5d0
parent 29fd0a24b4
1 changed files with 6 additions and 2 deletions
--- a/hosts/bifrost/services/ssh.nix
+++ b/hosts/bifrost/services/ssh.nix
@ -1,12 +1,16 @@
 { config, ... }:
 let facts = config.nodeconfig.facts; in {
-  networking.firewall.interfaces.ens3.allowedTCPPorts = [ 22 ];
+  networking.firewall.interfaces = {
+    ens3.allowedTCPPorts = [ 2222 ];
+    ens4.allowedTCPPorts = [ 22 ];
+  };
  services.openssh = {
    enable = true;
    openFirewall = false;
    listenAddresses = [
-      { addr = facts.wireguard-ip; port = 22; }
+      { addr = facts.external-ip; port = 2222; }
      { addr = facts.local-ip; port = 22; }
+      { addr = facts.wireguard-ip; port = 22; }
    ];
    settings = {
      KbdInteractiveAuthentication = false;