From c929515e23c5726d77be7e0bceae4149af84ed17 Mon Sep 17 00:00:00 2001
From: Kjetil Orbekk <kj@orbekk.com>
Date: Sat, 8 Oct 2022 07:36:13 -0400
Subject: Allow postgresql from LAN

---
 config/router.nix | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/config/router.nix b/config/router.nix
index 6db1255..bf6bf25 100644
--- a/config/router.nix
+++ b/config/router.nix
@@ -110,6 +110,8 @@ in {
           interface ($DEV_LAN $DEV_ADMIN) @subchain "lan_services" {
             proto (tcp udp) dport 5000 ACCEPT; # random debugging
 
+            proto (tcp udp) dport postgresql ACCEPT; # internal network only!
+
             proto (tcp udp) dport (ssh domain bootpc bootps ntp) ACCEPT;
             # prometheus temp rule
             proto tcp dport 11112 ACCEPT;
-- 
cgit v1.2.3