rewrite firewall rules

2023-09-12 15:46:44 +03:00
parent 2b5b9bc57f
commit e61944dfde
7 changed files with 92 additions and 44 deletions
--- a/modules/services/snmp_exporter/default.nix
+++ b/modules/services/snmp_exporter/default.nix
@@ -2,6 +2,7 @@
  config,
  lib,
  pkgs,
+  myData,
  ...
 }: {
  options.mj.services.snmp_exporter = with lib.types; {
@@ -9,7 +10,12 @@
  };

  config = lib.mkIf config.mj.services.snmp_exporter.enable {
-    mj.services.friendlyport.vpn.ports = [config.services.prometheus.exporters.snmp.port];
+    mj.services.friendlyport.ports = [
+      {
+        subnets = [myData.tailscale_subnet.cidr];
+        tcp = [config.services.prometheus.exporters.snmp.port];
+      }
+    ];

    services.prometheus.exporters.snmp = {
      enable = true;