summary refs log tree commit diff
diff options
context:
space:
mode:
authorArun Isaac2025-09-24 12:06:41 +0100
committerArun Isaac2025-09-24 12:14:58 +0100
commitedd590117e8876fb422cbf833d4e6ec1fe77d2c4 (patch)
tree7d740f8b35ae7767b7a4326aa74753d82d188c02
parent15a7c67c5819c496285433ad5f86237cec47560f (diff)
downloadmachines-edd590117e8876fb422cbf833d4e6ec1fe77d2c4.tar.gz
machines-edd590117e8876fb422cbf833d4e6ec1fe77d2c4.tar.lz
machines-edd590117e8876fb422cbf833d4e6ec1fe77d2c4.zip
mugam: Switch hrrol to well-known ports.
Switching to well-known ports makes the configuration simpler, and
lets us take advantage of defaults. The non-standard ports were from
the days when Guix was but a container running on hrrol's Parabola.
Diffstat
-rw-r--r--mugam-nftables-rules.conf8
-rw-r--r--mugam.scm4
2 files changed, 3 insertions, 9 deletions
diff --git a/mugam-nftables-rules.conf b/mugam-nftables-rules.conf
index 261a98b..0f18d46 100644
--- a/mugam-nftables-rules.conf
+++ b/mugam-nftables-rules.conf
@@ -22,13 +22,7 @@ table ip nat {
   chain prerouting {
     type nat hook prerouting priority dstnat;
     # Forward ports to various services.
-    # E-mail
-    iifname eth0 tcp dport smtp dnat to $hrrol:8025
-    iifname eth0 tcp dport pop3s dnat to $hrrol:8995
-    iifname eth0 tcp dport smtps dnat to $hrrol:8465
-    iifname eth0 tcp dport submission dnat to $hrrol:8587
-    # XMPP
-    iifname eth0 tcp dport {xmpp-client, xmpp-server} dnat to $hrrol
+    iifname eth0 tcp dport {smtp, smtps, submission, pop3s, xmpp-client, xmpp-server} dnat to $hrrol
   }
   chain postrouting {
     type nat hook postrouting priority srcnat;
diff --git a/mugam.scm b/mugam.scm
index 441f7cb..c66ac02 100644
--- a/mugam.scm
+++ b/mugam.scm
@@ -161,7 +161,7 @@ of <zone> records."
                                        (uri "/")
                                        (body (list (string-append "proxy_pass http://"
                                                                   %hrrol-wg-ip
-                                                                  ":8081;")
+                                                                  ";")
                                                    "proxy_set_header Host $http_host;"))))))
                             (nginx-server-configuration
                               (listen (list "80"))
@@ -179,7 +179,7 @@ of <zone> records."
                        (upstream-blocks
                         (list (nginx-upstream-configuration
                                 (name "hrrol_https")
-                                (servers (list (string-append %hrrol-wg-ip ":8080"))))
+                                (servers (list (string-append %hrrol-wg-ip ":443"))))
                               (nginx-upstream-configuration
                                 (name "ragulkanth_https")
                                 (servers (list (string-append %ragulkanth-wg-ip ":443"))))))
generated by cgit-pink 1.4.1 (git 2.36.1) at 2026-05-07 10:12:49 +0000