use proper options for the firewall & default to local build

2025-08-03 04:03:22 +02:00 · 2025-08-03 04:03:22 +02:00 · f5241119eb
commit f5241119eb
parent 22f93f23ed
8 changed files with 171 additions and 109 deletions
--- a/shared/db/postgres.nix
+++ b/shared/db/postgres.nix
@ -84,4 +84,8 @@ in
            echo "PostgreSQL dataDir not empty, skipping initial master to slave replication"
        fi
    '');
+
+    fwtables.allowedTCPPorts = [
+        { port = cfg.settings.port; public = false; }
+    ];
 }