From 16f8ec19f987a74903b59d703da8a57c6a5fe644 Mon Sep 17 00:00:00 2001
From: quitte <root@quitte>
Date: Sun, 19 May 2024 11:15:58 +0200
Subject: [PATCH] firewall: allow ldaps from podman

---
 modules/ldap/default.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/ldap/default.nix b/modules/ldap/default.nix
index 1701831..b5d1cf7 100644
--- a/modules/ldap/default.nix
+++ b/modules/ldap/default.nix
@@ -93,7 +93,7 @@ in
   };
   networking.firewall = {
     extraInputRules = ''
-      ip saddr { 141.30.86.192/26, 141.76.100.128/25 } tcp dport 636 accept comment "Allow ldaps access from office nets"
+      ip saddr { 141.30.86.192/26, 141.76.100.128/25, 141.30.30.169, 10.88.0.1/16 } tcp dport 636 accept comment "Allow ldaps access from office nets and podman"
     '';
   };
 }