NixOps: setting deployment.targetPort option when SSH listens on different ports for IPv4 and IPv6

I have a server which listens for SSH on port 22 for both IPv4 and IPv6. The server is located at customer’s facility and the port 22 being taken already, the network administrator has set up a port forwarding from external port 2222 to internal port 22.

That means that remotely the server can be accessed either with an IPv4 on port 2222 or an IPv6 on port 22.

I have a domain name with a DNS record A on the IPv4 and a DNS record AAAA on the IPv6.

When it comes to NixOps, I have set up the deployment.targetHost option to the domain name

  • What would make sense for deployment.targetPort in that case?
  • What governs the choice of NixOps between IPv4 versus IPv6 to connect to the server?

Note that I could make my server listens for SSH on port 2222 and ask the network administrator to update the port forwarding accordingly. My server would then be accessible remotely on port 2222 with both IPv4 and IPv6 and then deployment.targetPort would just be set to 2222. But I am not interested about this work around.

If deployment.targetPort is set to 22, NixOps deploys quickly.
If deployment.targetPort is set to 2222, NixOps is taking a noticeable longer time to deploy.

So it seems IPv6 is preferred in my deployment machine configuration. If I want to use IPv4 (port 2222), setting AddressFamily inet in the SSH config will fix the delay problem.