From bef258cfecbb94e674f0bbcedf06b9ee8eda2100 Mon Sep 17 00:00:00 2001
From: NaeiKinDus
Date: Mon, 24 Mar 2025 00:00:00 +0000
Subject: [PATCH] feat(security): added nft rule to allow outgoing git queries (clone using git://)
---
.../security/templates/system/nftables.d/egress_git.nft.j2 | 5 +++++
1 file changed, 5 insertions(+)
create mode 100644 ansible_collections/nullified/infrastructure/roles/security/templates/system/nftables.d/egress_git.nft.j2
diff --git a/ansible_collections/nullified/infrastructure/roles/security/templates/system/nftables.d/egress_git.nft.j2 b/ansible_collections/nullified/infrastructure/roles/security/templates/system/nftables.d/egress_git.nft.j2
new file mode 100644
index 0000000..83cad84
--- /dev/null
+++ b/ansible_collections/nullified/infrastructure/roles/security/templates/system/nftables.d/egress_git.nft.j2
@@ -0,0 +1,5 @@
+table inet filter {
+ chain output {
+ tcp dport 9418 accept
+ }
+}
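Review bot: The added `tcp dport 9418 accept` in `chain output` permits git:// egress from every local process to every destination, and git:// provides neither encryption nor server authentication, so the contents of a clone can be altered in transit without detection. If the protocol is really needed, narrow the rule to the known remotes and to new connections and label it, for example `ip daddr @git_remotes tcp dport 9418 ct state new accept comment "egress git://"`, where `git_remotes` is a placeholder set name that the patch does not define (IPv6 remotes would need an `ip6 daddr` counterpart); otherwise prefer https or ssh remotes and leave the port closed. The chain carries no `type … hook … policy` line in this file, so it presumably extends a base chain declared elsewhere; it is worth confirming that the include order places this accept before any terminal drop or reject rule. The template has a `.j2` suffix but uses no variables, so the allowed destinations could be supplied from role variables rather than hard-coded.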