nixos/modules/nix/networking.nix


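# NixOS module: host networking defaults for the `simmer` configuration.
#
# Declares `simmer.networking.*` options (firewall, wireguard tooling,
# NetworkManager, DNS resolvers) and maps them onto the stock
# `networking.*` options and `environment.systemPackages`.
{ lib
, pkgs
, localPackages
, config
, ...
}:
with lib; let
  cfg = config.simmer.networking;
  # Read-only view of the sibling openssh module; used only to seed the
  # firewall's default TCP allow-list below.
  openssh = config.simmer.openssh;
in
{
  options.simmer.networking = {
    firewall = {
      # The firewall is on by default; turning it off must be an explicit choice.
      enable = mkOption {
        description = "Whether to enable firewall";
        type = types.bool;
        default = true;
      };
      # Ports listed here are passed to `networking.firewall.allowedTCPPorts`,
      # which opens them on every interface; use the per-interface firewall
      # options directly when a service should not be reachable from all networks.
      #
      # The default holds the SSH port when `simmer.openssh.enable` is set.
      # An explicit definition of this option replaces that default rather
      # than extending it, so a host that sets its own list must include the
      # SSH port itself if remote access is still wanted.
      allowedTCPPorts = mkOption {
        description = "Which tcp ports to allow through firewall";
        # `types.port` restricts entries to 0-65535, so an out-of-range value
        # is rejected against this option instead of further downstream.
        type = types.listOf types.port;
        default = optional openssh.enable openssh.port;
      };
      # No UDP port is open by default. Enabling `wireguard` below does not
      # add one; a WireGuard listen port has to be listed here explicitly.
      allowedUDPPorts = mkOption {
        description = "Which udp ports to allow through firewall";
        type = types.listOf types.port;
        default = [ ];
      };
    };
    wireguard = {
      # Only installs `wireguard-tools`; this module configures no tunnel,
      # keys, or firewall rule.
      enable = mkOption {
        description = "Whether to install wireguard";
        type = types.bool;
        default = false;
      };
    };
    networkmanager = {
      enable = mkOption {
        description = "Whether to enable network manager";
        type = types.bool;
        default = true;
      };
    };
    # The default is a single public resolver with no fallback entry.
    # `networking.nameservers` sets ordinary resolver addresses, so lookups
    # are presumably sent as plain DNS to a third party unless an encrypted
    # local resolver is configured elsewhere.
    # NOTE(review): confirm how this list interacts with DNS servers that
    # NetworkManager learns from DHCP when `networkmanager.enable` is true.
    nameservers = mkOption {
      description = "Which nameservers to use";
      type = types.listOf types.str;
      default = [ "1.1.1.1" ];
    };
  };

  config = {
    # `ldns` is always installed; the WireGuard CLI only on request.
    environment.systemPackages =
      [ pkgs.ldns ]
      ++ optional cfg.wireguard.enable pkgs.wireguard-tools;

    networking.networkmanager.enable = cfg.networkmanager.enable;
    networking.nameservers = cfg.nameservers;

    # Straight pass-through of the three firewall options declared above.
    networking.firewall = {
      inherit (cfg.firewall) enable allowedTCPPorts allowedUDPPorts;
    };
  };
}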