diff --git a/templates/nftables.j2 b/templates/nftables.j2
index 4485ed9..a9caaa0 100644
--- a/templates/nftables.j2
+++ b/templates/nftables.j2
@@ -20,6 +20,7 @@ table ip filter {
 ip protocol icmp accept
 iifname "br0" tcp dport {{ ssh_port }} accept comment "SSH"
+ iifname "br0" tcp dport {{ gitlab_ssh_port }} accept comment "Gitlab SSH"
 iifname "br0" tcp dport { {{ http_port }}, {{ https_port }} } accept comment "HTTP/HTTPS"
 iifname "br0" tcp dport {{ transmission_port }} accept comment "Transmission"
diff --git a/vars/network.yml b/vars/network.yml
index 0541ef2..b7917fa 100644
--- a/vars/network.yml
+++ b/vars/network.yml
@@ -20,5 +20,7 @@ newsreader_ip: '192.168.178.63'
 sentry_ip: '127.0.0.1'
 sentry_port: '9000'
+gitlab_ssh_port: '22'
+
 radicale_listen_addres: '127.0.0.1'
 radicale_port: 5232
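Review bot: The added `gitlab_ssh_port` rule accepts connections from every source arriving on `br0`, with no source-address match and no rate limit, so the GitLab SSH listener is open to credential guessing from anything that can reach that bridge. If only known networks need git-over-SSH, restrict the rule with an `ip saddr` match, or throttle new connections, for example `iifname "br0" tcp dport {{ gitlab_ssh_port }} ct state new limit rate 10/minute accept comment "Gitlab SSH"`. The rate is an example value, and this form assumes an earlier established/related accept and a dropping policy, neither of which is visible in the hunk. The table is `ip filter`, so whether IPv6 traffic to this port is filtered cannot be told from here. The enclosing chain starts and ends outside the hunk.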
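Review bot: `gitlab_ssh_port: '22'` is the default sshd port, while the firewall template already opens `ssh_port` for what appears to be the host's own SSH. The value of `ssh_port` is not in this hunk, but if it is also 22 the new nftables rule duplicates the existing one and the host sshd and GitLab's SSH service would compete for the same port. A comment above the variable would record the intent, e.g. `# GitLab's SSH listener; must differ from ssh_port (host sshd)`. The port is quoted as a string here while `radicale_port` just below is a bare integer; one form for all ports would avoid type surprises in templates.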