diff --git a/machines/solis/configuration.nix b/machines/solis/configuration.nix
index b16590f..1bd1566 100644
--- a/machines/solis/configuration.nix
+++ b/machines/solis/configuration.nix
@@ -8,6 +8,4 @@
   horseman.stateVersion = "24.11";
 
   networking.hostName = "solis";
-
-  networking.firewall.allowedTCPPorts = [3000 3001];
 }
diff --git a/modules/containers/forgejo.nix b/modules/containers/forgejo.nix
index 51bdb1a..41da5bd 100644
--- a/modules/containers/forgejo.nix
+++ b/modules/containers/forgejo.nix
@@ -1,6 +1,4 @@
 {
-  inputs,
-  outputs,
   lib,
   config,
   pkgs,
@@ -23,7 +21,7 @@ in {
       };
 
       sshPort = mkOption {
-        default = 34916;
+        default = 16718;
         type = types.int;
       };
 
diff --git a/modules/containers/nginx.nix b/modules/containers/nginx.nix
index 4a2d81b..fe9283d 100644
--- a/modules/containers/nginx.nix
+++ b/modules/containers/nginx.nix
@@ -27,10 +27,14 @@ in {
     services.nginx = {
       enable = true;
 
-      streamConfig = ''
+      # forwards SSH traffic to the git instance
+      streamConfig = let
+        port = toString config.horseman.containers.forgejo.sshPort;
+        addr = config.containers.forgejo.localAddress;
+      in ''
         server {
-          listen ${toString config.horseman.containers.forgejo.sshPort};
-          proxy_pass ${config.containers.forgejo.localAddress}:${toString config.horseman.containers.forgejo.sshPort};
+          listen ${port};
+          proxy_pass ${addr}:${port};
         }
       '';