Limit the listen addresses for PostgreSQL
This commit is contained in:
parent
17a033cd4f
commit
6ae6fd0f5b
|
@ -1,8 +1,9 @@
|
|||
{ ... }:
|
||||
{ pkgs, ... }:
|
||||
{
|
||||
services.postgresql = {
|
||||
enable = true;
|
||||
enableTCPIP = true;
|
||||
settings.listen_adresses = pkgs.lib.mkForce "127.0.0.1,172.17.0.1";
|
||||
};
|
||||
networking.firewall.extraCommands = "iptables -A INPUT -p tcp --destination-port 3306 -s 172.16.0.0/12 -j ACCEPT";
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue