From 01808ecf8435140314b85a5386e04f543cce2f7c Mon Sep 17 00:00:00 2001
From: Eli Ribble <eli@gleipnir.technology>
Date: Sat, 12 Apr 2025 08:58:30 -0700
Subject: [PATCH] Only bind mysql to the localhost address

That way its not addressable from outside.
---
 anythingforafriend/etc/nixos/configuration.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/anythingforafriend/etc/nixos/configuration.nix b/anythingforafriend/etc/nixos/configuration.nix
index 8ee5b94..c0db9be 100644
--- a/anythingforafriend/etc/nixos/configuration.nix
+++ b/anythingforafriend/etc/nixos/configuration.nix
@@ -70,6 +70,7 @@
   services.mysql = {
     enable = true;
     package = pkgs.mariadb;
+    settings.mysqld.bind-address = "127.0.0.1";
   };
   services.nginx = {
     enable = true;