From bca574d19d75ee5631c96b943942ba50d0d837f5 Mon Sep 17 00:00:00 2001
From: Ingolf Wagner <contact@ingolf-wagner.de>
Date: Thu, 3 Apr 2025 16:51:17 +0200
Subject: [PATCH] :wheelchair: make photoprism available via zerotier

---
 machines/orbi/service-photoprism.nix | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/machines/orbi/service-photoprism.nix b/machines/orbi/service-photoprism.nix
index 00723fa..f8df7fa 100644
--- a/machines/orbi/service-photoprism.nix
+++ b/machines/orbi/service-photoprism.nix
@@ -4,6 +4,7 @@
   lib,
   components,
   inputs,
+  zerotierInterface,
   ...
 }:
 let
@@ -14,17 +15,19 @@ in
 {
 
   networking.firewall.interfaces.wg0.allowedTCPPorts = [ photoprismPort ];
-  # networking.firewall.interfaces.wg0.allowedUDPPorts = [ photoprismPort ];
 
   healthchecks.closed.public.ports.photoprism = [
     photoprismPort
     mysqlPort
   ];
+
   healthchecks.http.photoprism = {
     url = "http://10.100.0.1:2342/library/login";
     expectedContent = "AI-Powered Photos App";
   };
 
+  networking.firewall.interfaces.${zerotierInterface}.allowedTCPPorts = [ photoprismPort ];
+
   containers.photoprism = {
     privateNetwork = false;
     autoStart = true;