From 984f205c7b319cbc55554adae5e3dd6a3786d6af Mon Sep 17 00:00:00 2001
From: Patrick Spek <p.spek@tyil.nl>
Date: Mon, 4 Mar 2024 10:33:44 +0000
Subject: Add nftables to ricui

---
 hosts.d/ricui.tyil.net    | 5 +++++
 registry.d/ricui.tyil.net | 1 +
 2 files changed, 6 insertions(+)

diff --git a/hosts.d/ricui.tyil.net b/hosts.d/ricui.tyil.net
index 777d17e..740114d 100644
--- a/hosts.d/ricui.tyil.net
+++ b/hosts.d/ricui.tyil.net
@@ -1,4 +1,9 @@
 meta.provider=hetzner
+nftables.input.interfaces.cilium*.policy=accept
+nftables.input.interfaces.lxc*.policy=accept
+nftables.input.rules.kubelet.policy=accept
+nftables.input.rules.kubelet.port=10250
+nftables.input.rules.kubelet.proto=tcp
 vpn-tinc.ipv4=10.57.20.7
 vpn-tinc.ipv6=fd68:1057:1992:3381:0:1:1:2
 vpn-wireguard.endpoint=2a01:4f8:1c1b:67d7::1
diff --git a/registry.d/ricui.tyil.net b/registry.d/ricui.tyil.net
index ac65e43..6f38e85 100644
--- a/registry.d/ricui.tyil.net
+++ b/registry.d/ricui.tyil.net
@@ -1,3 +1,4 @@
+nftables
 ssh
 vpn-tinc
 vpn-wireguard
-- 
cgit v1.1