From fd5e0108f684807819cc45c316da57a96dc30dfb Mon Sep 17 00:00:00 2001
From: Rouven Seifert <rouven@rfive.de>
Date: Tue, 28 Nov 2023 23:00:41 +0100
Subject: [PATCH] quitte: allow ldaps access

---
 modules/ldap/default.nix | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/modules/ldap/default.nix b/modules/ldap/default.nix
index 98274df..11a87bd 100644
--- a/modules/ldap/default.nix
+++ b/modules/ldap/default.nix
@@ -122,4 +122,9 @@ in
       };
     };
   };
+  networking.firewall = {
+    extraInputRules = ''
+      ip saddr { 141.30.86.192/26, 141.76.100.128/25 } tcp dport 636 accept comment "Allow ldaps access from office nets"
+    '';
+  };
 }