From af86328ec12215ca461e9bcb855d292660bcd4f7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Rapha=C3=ABl=20Numbus?=
Date: Fri, 27 Feb 2026 17:36:17 +0100
Subject: [PATCH] Try to get nextcloud to be able to connect to itself.
---
 modules/networking/firewall.nix | 9 +--------
 1 file changed, 1 insertion(+), 8 deletions(-)
diff --git a/modules/networking/firewall.nix b/modules/networking/firewall.nix
index 00b00b7..d5386e4 100644
--- a/modules/networking/firewall.nix
+++ b/modules/networking/firewall.nix
@@ -8,14 +8,7 @@
 allowPing = true;
 allowedTCPPorts = [ 53 80 443 ];
 allowedUDPPorts = [ 53 443 ];
+ interfaces."podman*".allowedTCPPorts = [ 443 ];
 };
- extraCommands = ''
- # Accept HTTPS from podman network
- ${pkgs.nftables}/bin/nft add rule inet filter input ip saddr 10.89.0.0/16 tcp dport 443 ct state new,established accept || true
- ${pkgs.nftables}/bin/nft add rule inet filter input ip saddr 192.168.11.0/24 tcp dport 443 ct state new,established accept || true
- ${pkgs.nftables}/bin/nft add rule inet filter input ip saddr 192.168.27.0/24 tcp dport 443 ct state new,established accept || true
- # Accept established responses
- ${pkgs.nftables}/bin/nft add rule inet filter input ct state established,related accept || true
- '';
 };
 }
\ No newline at end of file
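Review bot: The added `interfaces."podman*".allowedTCPPorts = [ 443 ];` grants nothing that the global `allowedTCPPorts = [ 53 80 443 ];` two lines above does not already grant, because 443 is accepted on every interface either way. If the intent is to scope HTTPS to the container network, the per-interface entry only takes effect once 443 is removed from the global list, which would also close it on the other interfaces; decide which is intended and record it in a comment such as `# HTTPS from podman containers to the host (Nextcloud self-connect)`. Whether `podman*` is matched as a wildcard depends on the firewall backend (nftables accepts a trailing `*` in interface names, iptables uses `+`), and the removed rules called `nft` directly, so confirm which backend this host runs. The enclosing attribute set opens above the hunk, so its other options are not visible here.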