From d819ba3e0a13c7aba4a550e2ee2366a847d5016f Mon Sep 17 00:00:00 2001
From: Grisha Shipunov <blame@oxapentane.com>
Date: Sat, 11 Jan 2025 18:54:58 +0100
Subject: [PATCH] cloud: add wg ports automatically

---
 hosts/cloud/networking.nix | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/hosts/cloud/networking.nix b/hosts/cloud/networking.nix
index ea37472..71af8e1 100644
--- a/hosts/cloud/networking.nix
+++ b/hosts/cloud/networking.nix
@@ -1,10 +1,15 @@
-{ lib, ... }:
+{ lib, config, ... }:
 {
   networking.dhcpcd.enable = false;
 
   networking.firewall.enable = true;
   # TODO: configure automatically in the module
-  networking.firewall.allowedUDPPorts = [ 51820 ];
+  networking.firewall.allowedUDPPorts =
+    let
+      wg-nets = lib.filter (net: net.hosts.cloud.endpoint.enable) config.oxalab.wg;
+      wg-ports = map (net: net.hosts.cloud.endpoint.port) wg-nets;
+    in
+    wg-ports;
 
   networking.useNetworkd = true;
   systemd.network.enable = true;