From 681ac5d8866a30ba7197c2be555de71714647d22 Mon Sep 17 00:00:00 2001
From: Aaron Bieber <aaron@bolddaemon.com>
Date: Fri, 2 Sep 2022 07:18:08 -0600
Subject: [PATCH] h: be explicit in what ports are open

---
 hosts/h/default.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/hosts/h/default.nix b/hosts/h/default.nix
index 8e866e0..0e55229 100644
--- a/hosts/h/default.nix
+++ b/hosts/h/default.nix
@@ -74,7 +74,7 @@ in {
       };
     };
     firewall = {
-      allowedTCPPorts = [ 22 80 443 ];
+      allowedTCPPorts = [ 22 80 443 53589 ];
       allowedUDPPortRanges = [{
         from = 60000;
         to = 61000;
@@ -131,7 +131,7 @@ in {
       fqdn = "tasks.suah.dev";
       listenHost = "::";
       organisations."bolddaemon".users = [ "qbit" ];
-      openFirewall = true;
+      openFirewall = false;
     };
     cron = {
       enable = true;