Custom iptables rules

Open 1985kasper opened this issue 4 years ago • 2 comments

Is your feature request related to a problem? Please describe.

At the moment I have the following use case:

I run a Debian server in the cloud that one of my home machines connects to using WireGuard. This has all been set up manually. The server allows certain ports to be accessed from the outside, since the machine connected to it runs a web and Plex server.

Describe the solution you'd like

Be able to input custom ports that will be added as iptables rules in the WireGuard server config.

Can you confirm it's currently supported to SSH into the Algo server and make these changes manually?

My use case is that I don't want to expose my home IP publicly, but I still want to be able to run a web server (for reverse proxy mostly) and Plex server. This adds an extra layer of security, since my ISP provides a static IP. In case of a breach I simply destroy the VPN server and set up a new one so the IP changes. It would be great to be able to automate this.

1985kasper • Mar 05 '21 16:03

Can you confirm it's currently supported to ssh into the algo server and make these changes manually?

The document AlgoVPN and Firewalls tells you where Algo stores its firewall rules, which you can change all you like.

You can add your own rules prior to deployment by editing the templates in algo/roles/common/templates.

davidemyers • Mar 05 '21 16:03

Thank you. Currently I apply custom iptables rules in the WireGuard server config that are applied when the server goes up and removed again if the tunnel goes down. Would be great if this could be automated :)

1985kasper • Mar 05 '21 16:03
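
One way to script the approach described in the last comment, as an added example that is not code from this thread or from the Algo project: a shell function that turns a list of ports into paired wg-quick `PostUp`/`PostDown` lines. The function names, the `eth0` interface, the `10.0.0.2` peer address and the port list are assumptions made up for the illustration; it also assumes the tunnel is managed by wg-quick, which expands `%i` to the interface name.

```shell
#!/bin/sh
# Added example: emit paired wg-quick PostUp/PostDown lines for forwarded ports.
# Interface name, peer address and ports below are constructed sample values.

# valid_port PORT -> succeeds only if PORT is an integer in 1..65535
valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# gen_forward_rules WAN_IF PEER_IP PROTO/PORT...
# Prints one PostUp and one PostDown line per port. Each PostDown deletes
# exactly what its PostUp added, so taking the tunnel down leaves no stale rule.
gen_forward_rules() {
    wan_if=$1 peer_ip=$2
    shift 2
    # Validate every entry first so a bad one yields no partial output.
    for spec in "$@"; do
        proto=${spec%%/*} port=${spec#*/}
        case "$proto" in
            tcp|udp) ;;
            *) echo "bad protocol: $spec" >&2; return 1 ;;
        esac
        valid_port "$port" || { echo "bad port: $spec" >&2; return 1; }
    done
    for spec in "$@"; do
        proto=${spec%%/*} port=${spec#*/}
        # DNAT the public port to the peer, and allow only that flow through.
        nat="PREROUTING -i $wan_if -p $proto --dport $port -j DNAT --to-destination $peer_ip:$port"
        fwd="FORWARD -i $wan_if -o %i -p $proto -d $peer_ip --dport $port -j ACCEPT"
        echo "PostUp = iptables -t nat -A $nat; iptables -A $fwd"
        echo "PostDown = iptables -t nat -D $nat; iptables -D $fwd"
    done
}

# Constructed sample: HTTPS plus Plex's default port, forwarded to one peer.
gen_forward_rules eth0 10.0.0.2 tcp/443 tcp/32400
```

The printed lines belong in the `[Interface]` section of the server's WireGuard config; listing only the ports the home machine actually serves keeps the exposed surface limited to those services.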