From 984f205c7b319cbc55554adae5e3dd6a3786d6af Mon Sep 17 00:00:00 2001
From: Patrick Spek <p.spek@tyil.nl>
Date: Mon, 4 Mar 2024 10:33:44 +0000
Subject: Add nftables to ricui

---
 hosts.d/ricui.tyil.net | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'hosts.d/ricui.tyil.net')

diff --git a/hosts.d/ricui.tyil.net b/hosts.d/ricui.tyil.net
index 777d17e..740114d 100644
--- a/hosts.d/ricui.tyil.net
+++ b/hosts.d/ricui.tyil.net
@@ -1,4 +1,9 @@
 meta.provider=hetzner
+nftables.input.interfaces.cilium*.policy=accept
+nftables.input.interfaces.lxc*.policy=accept
+nftables.input.rules.kubelet.policy=accept
+nftables.input.rules.kubelet.port=10250
+nftables.input.rules.kubelet.proto=tcp
 vpn-tinc.ipv4=10.57.20.7
 vpn-tinc.ipv6=fd68:1057:1992:3381:0:1:1:2
 vpn-wireguard.endpoint=2a01:4f8:1c1b:67d7::1
-- 
cgit v1.1