From 995bb58c6f55bfd47b02c50760e66b7b4a54eab4 Mon Sep 17 00:00:00 2001
From: Natsu Kagami <nki@nkagami.me>
Date: Mon, 29 May 2023 17:41:32 +0200
Subject: [PATCH] Don't listen on 80

---
 modules/cloud/traefik/default.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/cloud/traefik/default.nix b/modules/cloud/traefik/default.nix
index 89a994c..de30858 100644
--- a/modules/cloud/traefik/default.nix
+++ b/modules/cloud/traefik/default.nix
@@ -85,7 +85,7 @@ in
   config.systemd.services.traefik.environment.CF_DNS_API_TOKEN_FILE = cfg.cloudflareKeyFile;
 
   # Set up firewall to allow traefik traffic.
-  config.networking.firewall.allowedTCPPorts = [ 80 443 993 587 465 ];
+  config.networking.firewall.allowedTCPPorts = [ 443 993 587 465 ];
   config.networking.firewall.allowedUDPPorts = [
     443 # QUIC
     51820 # Wireguard