From 52ee08e13bd8f9b46826045dcc5d2fa90511cb62 Mon Sep 17 00:00:00 2001
From: Hadi <112569860+anotherhadi@users.noreply.github.com>
Date: Thu, 15 Jan 2026 18:48:18 +0100
Subject: [PATCH] Firewall allow port 53: DNS requests

Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
---
 server-modules/adguardhome.nix | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/server-modules/adguardhome.nix b/server-modules/adguardhome.nix
index 358ed8a..d64df92 100644
--- a/server-modules/adguardhome.nix
+++ b/server-modules/adguardhome.nix
@@ -6,5 +6,10 @@
     port = 3000;
   };
 
+  networking.firewall = {
+    allowedTCPPorts = [53];
+    allowedUDPPorts = [53];
+  };
+
   services.cloudflared.tunnels."f7c8f777-a36c-4b9a-b6e3-6a112bd43e73".ingress."adguard.hadi.diy" = "http://localhost:${toString config.services.adguardhome.port}";
 }