From b2027bd283c9d115ec50c65a8a0c8085c2decfbb Mon Sep 17 00:00:00 2001
From: Harald Hoyer <harald@hoyer.xyz>
Date: Sun, 3 May 2026 13:44:09 +0200
Subject: [PATCH] sgx/network: open TCP 8000-8999 in firewall

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
---
 systems/x86_64-linux/sgx/network.nix | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/systems/x86_64-linux/sgx/network.nix b/systems/x86_64-linux/sgx/network.nix
index acf37e1..58ab749 100644
--- a/systems/x86_64-linux/sgx/network.nix
+++ b/systems/x86_64-linux/sgx/network.nix
@@ -60,6 +60,12 @@
     22000
     config.services.netatalk.port
   ];
+  networking.firewall.allowedTCPPortRanges = [
+    {
+      from = 8000;
+      to = 8999;
+    }
+  ];
   networking.firewall.allowedUDPPorts = [
     5355
     22000