Nebucatnetzer
/
nixos
1
1
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Limit the listen addresses for PostgreSQL

This commit is contained in:
Andreas Zweili 2022-11-02 21:44:41 +01:00
parent 17a033cd4f
commit 6ae6fd0f5b
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
modules/postgresql/default.nix
View File

@ -1,8 +1,9 @@
{ ... }:
{ pkgs, ... }:
{
services.postgresql = {
enable = true;
enableTCPIP = true;
settings.listen_adresses = pkgs.lib.mkForce "127.0.0.1,172.17.0.1";
};
networking.firewall.extraCommands = "iptables -A INPUT -p tcp --destination-port 3306 -s 172.16.0.0/12 -j ACCEPT";
}