From 7e1a49c29ec339e12822fd186247878d54204bfc Mon Sep 17 00:00:00 2001
From: Menno van Leeuwen <menno@vleeuwen.me>
Date: Sat, 16 Nov 2024 02:25:53 +0100
Subject: [PATCH] removes Qbittorrent port entry and comments out additional
 internal communication rules

---
 config/nixos/common/server.nix | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/config/nixos/common/server.nix b/config/nixos/common/server.nix
index b69f650..d192657 100644
--- a/config/nixos/common/server.nix
+++ b/config/nixos/common/server.nix
@@ -32,7 +32,7 @@
       81 # Nginx Proxy Manager
       5334 # Duplicati Notifications
       7788 # Sabnzbd
-      8085 # Qbittorrent
+      #8085 # Qbittorrent
       3030 # Gitea
       5080 # Factorio Server Manager
       5555 # Overseerr
@@ -47,5 +47,18 @@
     allowedUDPPorts = [
       51820 # WireGuard
     ];
+
+    # Extra rules for allowing internal communication
+    # extraCommands = ''
+    #   # Allow established connections
+    #   iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
+
+    #   # Allow all traffic on internal networks
+    #   iptables -A INPUT -i docker0 -j ACCEPT
+    #   iptables -A INPUT -i tailscale0 -j ACCEPT
+
+    #   # Allow traffic between Docker containers
+    #   iptables -A DOCKER-USER -i docker0 -o docker0 -j ACCEPT
+    # '';
   };
 }