From df5287dd4133549dd7b13ea762f4c60fb2280a21 Mon Sep 17 00:00:00 2001
From: "quentin@aristote.fr" <quentin@aristote.fr>
Date: Sat, 30 Nov 2024 16:45:22 +0100
Subject: add remote builder

---
 config/networking/services/firewall/ruleset.nix | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

(limited to 'config/networking/services/firewall')

diff --git a/config/networking/services/firewall/ruleset.nix b/config/networking/services/firewall/ruleset.nix
index 3418ef8..ba9b39d 100644
--- a/config/networking/services/firewall/ruleset.nix
+++ b/config/networking/services/firewall/ruleset.nix
@@ -5,6 +5,10 @@
       sonos-play1
       sonos-move
       ;
+    inherit
+      (interfaces.all.wan.machines)
+      hephaistos
+      ;
   };
   makeTable = args:
     {
@@ -195,7 +199,13 @@ in {
           + ssdp
           + sonos.player-controller
           + sonos.controller-player;
-        wan_wan.rules = with rulesCommon; syncthing + kdeconnect;
+        wan_wan.rules = with rulesCommon;
+          syncthing
+          + kdeconnect
+          + ''
+            ip daddr ${machines.hephaistos.ip} \
+              ${ssh}
+          '';
         forward = makeBaseChain "filter" "forward" {
           rules = with rulesCommon;
             conntrack
-- 
cgit v1.2.3