diff options
| author | Vivek <vivek@master-hax.com> | 2024-09-04 20:02:22 -0700 |
|---|---|---|
| committer | Vivek Revankar <vivek@master-hax.com> | 2024-09-04 20:32:47 -0700 |
| commit | 17a46028b978a68ed613716fbe0daaab71d311ac (patch) | |
| tree | 299244a76c5b73e17359b99066caa1a1cf325521 /pkgs/development/python-modules/python-mapnik/python-mapnik_std_optional.patch | |
| parent | 85f9b1c74877ca83d3fd9cb682c4231b049e2801 (diff) | |
nixos/endlessh-go: fix firewall bugs
this change fixes 2 major bugs in the endlessh-go service's firewall options:
1. prometheus port unexpectedly allowed through firewall (services.endlessh-go.openFirewall)
the description of the option is "Whether to open a firewall port for the SSH listener." however as we can see, both the ssh listener AND the prometheus listener have their ports opened. this is especially troublesome because endlessh-go (i guess as an artifact of being developed for docker) defaults the prometheus listener to 0.0.0.0.
2. the prometheus port unexpectedly allowed through firewall when prometheus is disabled (services.endlessh-go.prometheus.enable)
even when prometheus is disabled, its port is allowed through the firewall
Diffstat (limited to 'pkgs/development/python-modules/python-mapnik/python-mapnik_std_optional.patch')
0 files changed, 0 insertions, 0 deletions