Expose some services to semi wan

Signed-off-by: Magic_RB <magic_rb@redalder.org>

nixos/systems/blowhole/nomad.nix

@@ -103,6 +103,7 @@ in
           "docker.privileged.enabled" = "true";
         };
 
+        host_network."wan".cidr = secret.network.networks.home.wan or "";
         host_network."default".cidr = secret.network.networks.home.amsterdam or "";
         host_network."mesh".cidr = secret.network.networks.vpn or "";
 

terranix/containers/ingress-blowhole/job.hcl

@@ -28,19 +28,29 @@ job "ingress" {
 
     network {
       mode = "bridge"
+
+      port "http-paccess" {
+        static = 80
+        to = 81
+        host_network = "wan"
+      }
+
       port "http" {
         static = 80
         to = 80
+        host_network = "default"
       }
 
       port "https" {
         static = 443
         to = 443
+        host_network = "default"
       }
 
       port "imap" {
         static = 143
         to = 143
+        host_network = "default"
       }
     }
 

terranix/containers/ingress-blowhole/upstreams.conf

@@ -36,6 +36,7 @@ upstream matrix-mautrix-facebook {
 
 server {
   listen 80;
+  listen 81;
 
   server_name jellyfin.in.redalder.org;
 
@@ -84,6 +85,7 @@ server {
 
 server {
   listen 80;
+  listen 81;
 
   server_name hass.in.redalder.org;
 
@@ -254,6 +256,7 @@ server {
 
 server {
   listen 80;
+  listen 81;
 
   server_name _;
   include /local/security.conf;