fix: netbird ports, currently broken

config/services/netbird.nix

@@ -3,9 +3,10 @@
   wireguard.elisabeth = {
     client.via = "elisabeth";
     firewallRuleForNode.elisabeth.allowedTCPPorts = [
-      80
+      80 # dashboard
-      3000
+      3000 # management
-      3001
+      8012 # signal
+      33080 # relay
     ];
   };
 
@@ -28,12 +29,7 @@
     group = "netbird";
   };
 
-  networking.firewall.allowedTCPPorts = [
+  networking.firewall.allowedUDPPorts = [ 3478 ]; # STUN/TURN server
-    80
-    3000
-    3001
-  ];
-  networking.firewall.allowedUDPPorts = [ 3478 ];
   services.netbird = {
     server = {
       enable = true;

hosts/elisabeth/guests.nix

@@ -153,7 +153,7 @@ in
               X-Frame-Options = "SAMEORIGIN";
             };
             "/signalexchange.SignalExchange/".extraConfig = ''
-              grpc_pass grpc://${ipOf "netbird"}:3001;
+              grpc_pass grpc://${ipOf "netbird"}:8012;
               grpc_read_timeout 1d;
               grpc_send_timeout 1d;
               grpc_socket_keepalive on;