Allow containers in Nomad to reach Nomad

Signed-off-by: Magic_RB <magic_rb@redalder.org>
2024-11-22 08:04:20 +01:00 · 2023-05-28 12:50:39 +02:00 · 2023-05-28 12:50:39 +02:00 · 1b63b0aa1a
parent 304db3c0e4
commit 1b63b0aa1a
1 changed files with 3 additions and 0 deletions
--- a/nixos/systems/blowhole/firewall.nix
+++ b/nixos/systems/blowhole/firewall.nix
@ -169,6 +169,9 @@ in
              iifname { "nomad", "docker0", "ve-monitor", "ve-klipper" } tcp dport 53 accept
              iifname { "nomad", "docker0", "ve-monitor", "ve-klipper" } udp dport 53 accept

+              # Allow Nomad Containers to reach Nomad
+              iifname { "nomad" } tcp dport 4646 accept
+
              # Allow proxies to reach consul
              iifname { "nomad", "ve-monitor", "ve-klipper" } tcp dport 8500 accept
              iifname { "ve-monitor", "ve-klipper" } tcp dport 8502 accept