mediaserver: drop no-op firewall rules, close unused DR forwards
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
This commit is contained in:
parent
f65675bd80
commit
8dd70a2d9d
12 changed files with 8 additions and 37 deletions
|
|
@ -45,8 +45,7 @@
|
|||
};
|
||||
};
|
||||
|
||||
# LAN DNS — router blocks WAN:53 so this is effectively LAN-only
|
||||
networking.firewall.allowedTCPPorts = [ 53 ];
|
||||
networking.firewall.allowedUDPPorts = [ 53 ];
|
||||
# LAN clients reach :53 via the nftables "LAN trusted" rule in router.nix;
|
||||
# WAN:53 is dropped there.
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -6,7 +6,6 @@
|
|||
# Bazarr
|
||||
services.bazarr = {
|
||||
enable = true;
|
||||
openFirewall = true; # Opens port 7878
|
||||
dataDir = "/var/lib/bazarr";
|
||||
user = "bazarr";
|
||||
group = "media";
|
||||
|
|
|
|||
|
|
@ -66,7 +66,7 @@ in
|
|||
};
|
||||
};
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ 2110 2603 2604 2605 2606 ];
|
||||
networking.firewall.allowedUDPPorts = [ 2110 2603 2604 2605 2606 ];
|
||||
# WAN forwards for 2110/2603-2606 were removed from ports.toml when this
|
||||
# service was disabled — re-add them there if this comes back.
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -187,8 +187,5 @@
|
|||
StartLimitIntervalSec = 300;
|
||||
StartLimitBurst = 5;
|
||||
};
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ 26900 26910 ];
|
||||
networking.firewall.allowedUDPPorts = [ 26900 26901 26902 26910 26911 26912 ];
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -87,7 +87,6 @@ in
|
|||
|
||||
services.homepage-dashboard = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
listenPort = 8084;
|
||||
|
||||
# Allow access from anywhere on the LAN
|
||||
|
|
|
|||
|
|
@ -5,7 +5,6 @@
|
|||
# Jellyfin
|
||||
services.jellyfin = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
};
|
||||
|
||||
# Ensure Jellyfin can write thumbnails/artwork to media directories
|
||||
|
|
|
|||
|
|
@ -135,7 +135,5 @@ in
|
|||
};
|
||||
};
|
||||
};
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -19,7 +19,6 @@
|
|||
# Prowlarr
|
||||
services.prowlarr = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
dataDir = "/var/lib/prowlarr";
|
||||
};
|
||||
};
|
||||
|
|
|
|||
|
|
@ -6,7 +6,6 @@
|
|||
# Radarr
|
||||
services.radarr = {
|
||||
enable = true;
|
||||
openFirewall = true; # Opens port 7878
|
||||
dataDir = "/var/lib/radarr";
|
||||
user = "radarr";
|
||||
group = "media";
|
||||
|
|
|
|||
|
|
@ -6,7 +6,6 @@
|
|||
# Sonarr
|
||||
services.sonarr = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
dataDir = "/var/lib/sonarr";
|
||||
user = "sonarr";
|
||||
group = "media";
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue