space_server: chrony: Enable NTS server

author: Emil Renner Berthing <esmil@labitat.dk> 2023-03-26 01:45:32 +0100
committer: Emil Renner Berthing <esmil@labitat.dk> 2023-03-26 01:56:01 +0100
commit: 29d8c3184cbdf9104bd15757cfb73f6be356a44f (patch)
tree: 35f6a5b43ae053b2452c44debc70b12c02830a81 /roles/space_server/templates/nftables.conf.j2
parent: 9b3563156ef6cb5cc6d3c4bed2fc9c23adf3a165 (diff)
download: labitat-ansible-29d8c3184cbdf9104bd15757cfb73f6be356a44f.tar.gz
labitat-ansible-29d8c3184cbdf9104bd15757cfb73f6be356a44f.tar.xz
labitat-ansible-29d8c3184cbdf9104bd15757cfb73f6be356a44f.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/roles/space_server/templates/nftables.conf.j2 b/roles/space_server/templates/nftables.conf.j2
index b01ba96..6567315 100644
--- a/roles/space_server/templates/nftables.conf.j2
+++ b/roles/space_server/templates/nftables.conf.j2
@@ -107,6 +107,7 @@ table ip filter {
 
 		# ntp
 		udp dport 123 ip saddr { $int_net4, $ext_net4 } accept
+		tcp dport 4460 ip saddr { $int_net4, $ext_net4 } accept
 
 		# avahi
 		ip daddr 224.0.0.251 udp dport 5353 iif $avahi_ifs accept
@@ -205,6 +206,7 @@ table ip6 filter {
 
 		# ntp
 		udp dport 123 ip6 saddr $ext_net6 accept
+		tcp dport 4460 ip6 saddr $ext_net6 accept
 
 		# avahi
 		ip6 daddr ff02::fb udp dport 5353 iif $avahi_ifs accept
author	Emil Renner Berthing <esmil@labitat.dk>	2023-03-26 01:45:32 +0100
committer	Emil Renner Berthing <esmil@labitat.dk>	2023-03-26 01:56:01 +0100
commit	29d8c3184cbdf9104bd15757cfb73f6be356a44f (patch)
tree	35f6a5b43ae053b2452c44debc70b12c02830a81 /roles/space_server/templates/nftables.conf.j2
parent	9b3563156ef6cb5cc6d3c4bed2fc9c23adf3a165 (diff)
download	labitat-ansible-29d8c3184cbdf9104bd15757cfb73f6be356a44f.tar.gz labitat-ansible-29d8c3184cbdf9104bd15757cfb73f6be356a44f.tar.xz labitat-ansible-29d8c3184cbdf9104bd15757cfb73f6be356a44f.zip