Simmer/nixos
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Move from features to option based configuration

Browse Source
This commit is contained in:
Ethan Simmons
2024-06-02 20:34:55 -05:00
parent 488fbf47fb
commit 21e825b2d1
28 changed files with 729 additions and 179 deletions
Download Patch File Download Diff File Expand all files Collapse all files

74
modules/nix/networking.nix Normal file
View File

@@ -0,0 +1,74 @@
{ lib
, pkgs
, localPackages
, config
, ...
}:
with lib; let
cfg = config.simmer.networking;
openssh = config.simmer.openssh;
in
{
options.simmer.networking = {
firewall = {
enable = mkOption {
description = "Whether to enable firewall";
type = types.bool;
default = true;
};
allowedTCPPorts = mkOption {
description = "Which tcp ports to allow through firewall";
type = types.listOf types.int;
default = []
++ optional openssh.enable openssh.port;
};
allowedUDPPorts = mkOption {
description = "Which udp ports to allow through firewall";
type = types.listOf types.int;
default = [];
};
};
wireguard = {
enable = mkOption {
description = "Whether to install wireguard";
type = types.bool;
default = false;
};
};
networkmanager = {
enable = mkOption {
description = "Whether to enable network manager";
type = types.bool;
default = true;
};
};
nameservers = mkOption {
description = "Which nameservers to use";
type = types.listOf types.str;
default = [ "1.1.1.1" ];
};
};
config = {
environment.systemPackages = with pkgs; [
ldns
]
++ optional cfg.wireguard.enable wireguard-tools;
networking.networkmanager.enable = cfg.networkmanager.enable;
networking.nameservers = cfg.nameservers;
networking.firewall = {
enable = cfg.firewall.enable;
allowedTCPPorts = cfg.firewall.allowedTCPPorts;
allowedUDPPorts = cfg.firewall.allowedUDPPorts;
};
};
}