28 lines
561 B
Nix
28 lines
561 B
Nix
{ config, lib, ... }:
|
|
|
|
let
|
|
inherit (lib) mkOption types;
|
|
cfg = config.pepe.core.firewall;
|
|
in
|
|
{
|
|
options.pepe.core.firewall = {
|
|
openTCP = mkOption {
|
|
type = types.listOf types.int;
|
|
default = [ ];
|
|
description = "TCP ports to open in the firewall";
|
|
};
|
|
openUDP = mkOption {
|
|
type = types.listOf types.int;
|
|
default = [ ];
|
|
description = "UDP ports to open in the firewall";
|
|
};
|
|
};
|
|
|
|
config = {
|
|
networking.firewall = {
|
|
allowedTCPPorts = cfg.openTCP;
|
|
allowedUDPPorts = cfg.openUDP;
|
|
};
|
|
};
|
|
}
|