class firewall::rules::in::postgres (
  Array[Stdlib::Port] $ports = [5432],
) {

  $ports.each |$port| {
    nftables::rule { "default_in-postgres_${port}":
      content => "tcp dport ${port} accept",
    }
  }
}