wurzel/fruitbasket
9
1
Fork 0
Code Issues 5 Pull requests Packages Projects Releases Wiki Activity

bacula: restrict port to agdsn networks

Browse source
This commit is contained in:
Rouven Seifert 2024-01-07 01:16:37 +01:00
parent 0084a02568
commit d6571ac695
Signed by: rouven.seifert
GPG key ID: B95E8FE6B11C4D09
1 changed files with 5 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
modules/bacula.nix
View file

@ -5,7 +5,11 @@
"bacula/keypair".owner = "bacula";
"bacula/masterkey".owner = "bacula";
};
networking.firewall.allowedTCPPorts = [ config.services.bacula-fd.port ];
networking.firewall = {
extraInputRules = ''
ip saddr 10.144.0.11 tcp dport ${config.services.bacula-fd.port} accept comment "Only allow Bacula access from Abel"
'';
};
services.bacula-fd = {
enable = true;
name = "ifsr-quitte";