Allow postgresql from LAN

1 files changed, 2 insertions, 0 deletions

diff --git a/config/router.nix b/config/router.nix
index 6db1255..bf6bf25 100644
--- a/config/router.nix
+++ b/config/router.nix
@@ -110,6 +110,8 @@ in {
           interface ($DEV_LAN $DEV_ADMIN) @subchain "lan_services" {
             proto (tcp udp) dport 5000 ACCEPT; # random debugging
 
+            proto (tcp udp) dport postgresql ACCEPT; # internal network only!
+
             proto (tcp udp) dport (ssh domain bootpc bootps ntp) ACCEPT;
             # prometheus temp rule
             proto tcp dport 11112 ACCEPT;