From fa0ac3a988f8ec5684141ce4817bdb3b56e05d0d Mon Sep 17 00:00:00 2001
From: Julien Malka <julien@malka.sh>
Date: Thu, 12 Dec 2024 22:57:50 +0100
Subject: [PATCH] fix(gustave/nsd): actually open port 53 over tcp for zone
 transfers

---
 machines/gustave/nsd.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/machines/gustave/nsd.nix b/machines/gustave/nsd.nix
index d3f3a84..a541af7 100644
--- a/machines/gustave/nsd.nix
+++ b/machines/gustave/nsd.nix
@@ -99,6 +99,7 @@ lib.mkMerge [
     '';
 
     networking.firewall.allowedUDPPorts = [ 53 ];
+    networking.firewall.allowedTCPPorts = [ 53 ];
 
     machine.meta.zones."luj.fr".A = [ config.machine.meta.ips.public.ipv4 ];
     machine.meta.zones."luj.fr".AAAA = [ config.machine.meta.ips.public.ipv6 ];