From a1f2e2a1d60e395878b9af4a51ef2ce1a4e373b5 Mon Sep 17 00:00:00 2001
From: Astro <astro@spaceboyz.net>
Date: Sun, 18 Dec 2022 23:55:03 +0100
Subject: [PATCH] nixos-module/container/upstream: allow smtp from flpk too

---
 nix/nixos-module/container/upstream.nix | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/nix/nixos-module/container/upstream.nix b/nix/nixos-module/container/upstream.nix
index c61df81..f0b530e 100644
--- a/nix/nixos-module/container/upstream.nix
+++ b/nix/nixos-module/container/upstream.nix
@@ -77,6 +77,7 @@ in
       iptables -N fwd_smtp || \
         iptables -F fwd_smtp
       iptables -A fwd_smtp --source ${config.site.net.serv.subnet4} -j RETURN
+      iptables -A fwd_smtp --source ${config.site.net.flpk.subnet4} -j RETURN
       iptables -A fwd_smtp -j REJECT
       iptables -I FORWARD -p tcp --dport 25 -j fwd_smtp
 
@@ -85,7 +86,10 @@ in
       ${lib.concatMapStrings (subnet6: ''
         ip6tables -A fwd_smtp --source ${subnet6} -j RETURN
         ip6tables -A fwd_smtp --dest ${subnet6} -j RETURN
-      '') (builtins.attrValues config.site.net.serv.subnets6)}
+      '') (builtins.concatMap builtins.attrValues [
+        config.site.net.serv.subnets6
+        config.site.net.flpk.subnets6
+      ])}
       ip6tables -A fwd_smtp -j REJECT
       ip6tables -I FORWARD -p tcp --dport 25 -j fwd_smtp