ports refactor

services/caddy.nix

@@ -113,14 +113,14 @@ in
   systemd.packages = with pkgs; [ nssTools ];
 
   networking.firewall.allowedTCPPorts = [
-    service_configs.ports.https
+    service_configs.ports.public.https.port
 
     # http (but really acmeCA challenges)
-    service_configs.ports.http
+    service_configs.ports.public.http.port
   ];
 
   networking.firewall.allowedUDPPorts = [
-    service_configs.ports.https
+    service_configs.ports.public.https.port
   ];
 
   # Protect Caddy basic auth endpoints from brute force attacks