nixos/spacecookie: add openFirewall option · pyrox.dev/nixpkgs@d1f57cb

lol

nixos/spacecookie: add openFirewall option

Convenience shortcut which automatically configures the firewall to open
the port which is also configured for the spacecookie service.

authored by

sternenseemann and committed by

sterni 5 years ago d1f57cba 58be28d7

+14 -3

2 changed files

expand all

nixos

modules

services

networking

spacecookie.nix

tests

spacecookie.nix

+13 -2

nixos/modules/services/networking/spacecookie.nix

··· 37 37 ''; 38 38 }; 39 39 40 + openFirewall = mkOption { 41 + type = types.bool; 42 + default = false; 43 + description = '' 44 + Whether to open the necessary port in the firewall for spacecookie. 45 + ''; 46 + }; 47 + 40 48 port = mkOption { 41 49 type = types.port; 42 50 default = 70; 43 51 description = '' 44 - Port the gopher service should be exposed on. The 45 - firewall is not opened automatically. 52 + Port the gopher service should be exposed on. 46 53 ''; 47 54 }; 48 55 ··· 99 106 # AF_INET replaced by BindIPv6Only=both 100 107 RestrictAddressFamilies = "AF_UNIX AF_INET6"; 101 108 }; 109 + }; 110 + 111 + networking.firewall = mkIf cfg.openFirewall { 112 + allowedTCPPorts = [ cfg.port ]; 102 113 }; 103 114 }; 104 115 }

+1 -1

nixos/tests/spacecookie.nix

··· 9 9 name = "spacecookie"; 10 10 nodes = { 11 11 ${gopherHost} = { 12 - networking.firewall.allowedTCPPorts = [ 70 ]; 13 12 systemd.services.spacecookie = { 14 13 preStart = '' 15 14 mkdir -p ${gopherRoot}/directory ··· 21 20 enable = true; 22 21 root = gopherRoot; 23 22 hostname = gopherHost; 23 + openFirewall = true; 24 24 }; 25 25 }; 26 26