only open port 8448 for matrix

2025-06-25 23:30:16 -07:00 · 2025-06-25 23:30:16 -07:00 · 96a057c3e6
commit 96a057c3e6
parent ab86d39ef0
2 changed files with 10 additions and 6 deletions
--- a/services/caddy.nix
+++ b/services/caddy.nix
@ -32,16 +32,10 @@

    # http (but really acmeCA challenges)
    80
-
-    # for matrix federation
-    8448
  ];

  networking.firewall.allowedUDPPorts = [
    service_configs.ports.https
-
-    # for matrix federation
-    8448
  ];

  users.users.${username}.extraGroups = [
--- a/services/matrix.nix
+++ b/services/matrix.nix
@ -52,4 +52,14 @@
  systemd.tmpfiles.rules = [
    "d /var/lib/private/matrix-conduit 0770 conduit conduit"
  ];
+
+  # for federation
+  networking.firewall.allowedTCPPorts = [
+    8448
+  ];
+
+  # for federation
+  networking.firewall.allowedUDPPorts = [
+    8448
+  ];
 }