Loading
nixos/endlessh-go: fix firewall bugs
this change fixes 2 major bugs in the endlessh-go service's firewall options: 1. prometheus port unexpectedly allowed through firewall (services.endlessh-go.openFirewall) the description of the option is "Whether to open a firewall port for the SSH listener." however as we can see, both the ssh listener AND the prometheus listener have their ports opened. this is especially troublesome because endlessh-go (i guess as an artifact of being developed for docker) defaults the prometheus listener to 0.0.0.0. 2. the prometheus port unexpectedly allowed through firewall when prometheus is disabled (services.endlessh-go.prometheus.enable) even when prometheus is disabled, its port is allowed through the firewall