From d93bdd8493baade90f603850f144f6b7cdc25440 Mon Sep 17 00:00:00 2001
From: h7x4 <h7x4@nani.wtf>
Date: Thu, 15 Jan 2026 17:38:22 +0900
Subject: [PATCH] journald-upload: use ipv4 temporarily, restrict firewall to
 ildkule

---
 base/services/journald-upload.nix | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/base/services/journald-upload.nix b/base/services/journald-upload.nix
index cf2c07d..1d84d98 100644
--- a/base/services/journald-upload.nix
+++ b/base/services/journald-upload.nix
@@ -6,7 +6,8 @@ in
   services.journald.upload = {
     enable = lib.mkDefault true;
     settings.Upload = {
-      URL = "https://journald.pvv.ntnu.no:${toString config.services.journald.remote.port}";
+      # URL = "https://journald.pvv.ntnu.no:${toString config.services.journald.remote.port}";
+      URL = "https://${values.hosts.ildkule.ipv4}:${toString config.services.journald.remote.port}";
       ServerKeyFile = "-";
       ServerCertificateFile = "-";
       TrustedCertificateFile = "-";
@@ -16,10 +17,8 @@ in
   systemd.services."systemd-journal-upload".serviceConfig = lib.mkIf cfg.enable {
     IPAddressDeny = "any";
     IPAddressAllow = [
-      "127.0.0.1"
-      "::1"
-      values.ipv4-space
-      values.ipv6-space
+      values.hosts.ildkule.ipv4
+      values.hosts.ildkule.ipv6
     ];
   };
 }