add remote builder

author: quentin@aristote.fr <quentin@aristote.fr> 2024-11-30 16:45:22 +0100
committer: quentin@aristote.fr <quentin@aristote.fr> 2024-11-30 16:45:22 +0100
commit: df5287dd4133549dd7b13ea762f4c60fb2280a21 (patch)
tree: 6a27eb632b36f570f70f56c732c0953587be3db0 /config/networking/services/firewall
parent: 89ed974f44d6723d3862d20927e405cbbbfb09dc (diff)
1 files changed, 11 insertions, 1 deletions
diff --git a/config/networking/services/firewall/ruleset.nix b/config/networking/services/firewall/ruleset.nix
index 3418ef8..ba9b39d 100644
--- a/config/networking/services/firewall/ruleset.nix
+++ b/config/networking/services/firewall/ruleset.nix
@@ -5,6 +5,10 @@
       sonos-play1
       sonos-move
       ;
+    inherit
+      (interfaces.all.wan.machines)
+      hephaistos
+      ;
   };
   makeTable = args:
     {
@@ -195,7 +199,13 @@ in {
           + ssdp
           + sonos.player-controller
           + sonos.controller-player;
-        wan_wan.rules = with rulesCommon; syncthing + kdeconnect;
+        wan_wan.rules = with rulesCommon;
+          syncthing
+          + kdeconnect
+          + ''
+            ip daddr ${machines.hephaistos.ip} \
+              ${ssh}
+          '';
         forward = makeBaseChain "filter" "forward" {
           rules = with rulesCommon;
             conntrack
author	quentin@aristote.fr <quentin@aristote.fr>	2024-11-30 16:45:22 +0100
committer	quentin@aristote.fr <quentin@aristote.fr>	2024-11-30 16:45:22 +0100
commit	df5287dd4133549dd7b13ea762f4c60fb2280a21 (patch)
tree	6a27eb632b36f570f70f56c732c0953587be3db0 /config/networking/services/firewall
parent	89ed974f44d6723d3862d20927e405cbbbfb09dc (diff)