From 1e233417104c2f0659cca202c7d06031ba0d9dd6 Mon Sep 17 00:00:00 2001
From: Alex Auvolat <alex@adnab.me>
Date: Mon, 9 May 2022 00:29:17 +0200
Subject: [PATCH] Fix firewall rule for IGD

---
 nix/deuxfleurs.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/nix/deuxfleurs.nix b/nix/deuxfleurs.nix
index ae472ab..055ac55 100644
--- a/nix/deuxfleurs.nix
+++ b/nix/deuxfleurs.nix
@@ -219,7 +219,7 @@ in
       # Allow specific hosts access to specific things in the cluster
       extraCommands = ''
         # Allow everything from router (usefull for UPnP/IGD)
-        iptables -A INPUT -s 192.168.1.254 -j ACCEPT
+        iptables -A INPUT -s ${cfg.lan_default_gateway} -j ACCEPT
 
         # Allow docker containers to access all ports
         iptables -A INPUT -s 172.17.0.0/16 -j ACCEPT
@@ -230,7 +230,7 @@ in
 
       # When stopping firewall, delete all rules that were configured manually above
       extraStopCommands = ''
-        iptables -D INPUT -s 192.168.1.254 -j ACCEPT
+        iptables -D INPUT -s ${cfg.lan_default_gateway} -j ACCEPT
         iptables -D INPUT -s 172.17.0.0/16 -j ACCEPT
         iptables -D INPUT -s ${cfg.wesher_cluster_prefix}/${toString cfg.wesher_cluster_prefix_length} -j ACCEPT
       '';