open firewall ports for forgejo and keycloak

author: Franck Cuny <franck@fcuny.net> 2025-08-24 18:55:35 -0700
committer: Franck Cuny <franck@fcuny.net> 2025-08-24 18:55:35 -0700
commit: 8dcb19b7ae25d7b61f0fd265cc79536fe4f53543 (patch)
tree: cfd139274cd3383b8a4bd809142e374711aa1199 /machines
parent: add to firefox more policies and settings (diff)
download: infra-8dcb19b7ae25d7b61f0fd265cc79536fe4f53543.tar.gz
2 files changed, 4 insertions, 0 deletions
diff --git a/machines/nixos/x86_64-linux/synology-vm/profiles/forgejo.nix b/machines/nixos/x86_64-linux/synology-vm/profiles/forgejo.nix
index ddaf218..18d6207 100644
--- a/machines/nixos/x86_64-linux/synology-vm/profiles/forgejo.nix
+++ b/machines/nixos/x86_64-linux/synology-vm/profiles/forgejo.nix
@@ -11,6 +11,8 @@ let
   '';
 in
 {
+  networking.firewall.allowedTCPPorts = [ 3000 ];
+
   age.secrets.forgejo-fastmail = {
     file = "${self}/secrets/forgejo-fastmail.age";
   };
diff --git a/machines/nixos/x86_64-linux/synology-vm/profiles/keycloak.nix b/machines/nixos/x86_64-linux/synology-vm/profiles/keycloak.nix
index fc1fe2d..b6fb6c3 100644
--- a/machines/nixos/x86_64-linux/synology-vm/profiles/keycloak.nix
+++ b/machines/nixos/x86_64-linux/synology-vm/profiles/keycloak.nix
@@ -4,6 +4,8 @@
     file = "${self}/secrets/keycloak-db-password.age";
   };
 
+  networking.firewall.allowedTCPPorts = [ 8080 ];
+
   services.keycloak = {
     enable = true;
     database.passwordFile = config.age.secrets.keycloak-db-password.path;
author	Franck Cuny <franck@fcuny.net>	2025-08-24 18:55:35 -0700
committer	Franck Cuny <franck@fcuny.net>	2025-08-24 18:55:35 -0700
commit	8dcb19b7ae25d7b61f0fd265cc79536fe4f53543 (patch)
tree	cfd139274cd3383b8a4bd809142e374711aa1199 /machines
parent	add to firefox more policies and settings (diff)
download	infra-8dcb19b7ae25d7b61f0fd265cc79536fe4f53543.tar.gz