~magic_rb/dotfiles

1b63b0aa1a39c370a73ca4b039998010b25fb4d5 — Magic_RB 9 months ago 304db3c
Allow containers in Nomad to reach Nomad

Signed-off-by: Magic_RB <magic_rb@redalder.org>
1 files changed, 3 insertions(+), 0 deletions(-)

M nixos/systems/blowhole/firewall.nix
M nixos/systems/blowhole/firewall.nix => nixos/systems/blowhole/firewall.nix +3 -0
@@ 169,6 169,9 @@ in
              iifname { "nomad", "docker0", "ve-monitor", "ve-klipper" } tcp dport 53 accept
              iifname { "nomad", "docker0", "ve-monitor", "ve-klipper" } udp dport 53 accept

              # Allow Nomad Containers to reach Nomad
              iifname { "nomad" } tcp dport 4646 accept

              # Allow proxies to reach consul
              iifname { "nomad", "ve-monitor", "ve-klipper" } tcp dport 8500 accept
              iifname { "ve-monitor", "ve-klipper" } tcp dport 8502 accept
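Review bot: The new `iifname { "nomad" } tcp dport 4646 accept` rule exposes the Nomad HTTP API to every allocation on the `nomad` bridge, and neither the comment nor the rule records what authenticates those callers. Nomad's ACL and TLS settings are not visible in this hunk; if ACLs are off, any workload on that bridge could submit or modify jobs, so the rule should state the dependency, e.g. `# Nomad HTTP API: requires Nomad ACLs (and TLS) to be enabled, every allocation on the bridge can reach it`. If only the bridge-side address needs to be reachable, consider narrowing the match with `ip daddr <NOMAD_BRIDGE_ADDR>` (placeholder) before `tcp dport 4646`. The enclosing chain starts and ends outside the hunk, so I cannot confirm which hook this rule sits on or whether an earlier rule already limits the traffic.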