ssh nixdesk on public port 2050 prob doesnt work

hosts/nixdesk/default.nix

@@ -14,6 +14,7 @@
       ./profiles/wireguard.nix
       ./profiles/restic-server.nix
       ./profiles/autologin.nix
+      ./profiles/ssh-public-port-2050.nix
 
       inputs.impermanence.nixosModules.impermanence
       inputs.stylix.nixosModules.stylix

hosts/nixdesk/profiles/ssh-public-port-2050.nix

@@ -0,0 +1,17 @@
+{pkgs, ...}: {
+  # services.openssh.ports = [22 2050];
+  systemd.services.port2050-natpmp = {
+    bindsTo = ["sshd"]; # might not work
+    confinement = {
+      enable = true;
+      mode = "chroot-only";
+    };
+    serviceConfig.ExecStart = ''
+      while true
+      do
+        ${pkgs.libnatpmp}/bin/natpmpc -a 2050 22 tcp 60
+        sleep 30
+      done
+    '';
+  };
+}