nixosModules/firewall.nix at main · bwc9876.dev/nixos-config

bwc9876.dev / nixos-config

fork atom

Flake for my NixOS devices

fork atom

nixos-config / nixosModules / firewall.nix

at main 21 lines 643 B view raw

wrap content

bwc9876.dev NixOS config, aperture almost done 4mo ago

de908872

 1{...}: {
 2  config,
 3  lib,
 4  ...
 5}: {
 6  options.cow.firewall.openForUsers = lib.mkEnableOption "Opening firewall from HM configs for all users";
 7
 8  config = lib.mkIf (config.cow.hm.enable
 9    && config.cow.firewall.openForUsers) (
10    let
11      getFirewall = lib.attrByPath ["cow" "firewall"] {};
12      allFirewalls = map getFirewall (builtins.attrValues config.home-manager.users);
13      selectPortType = ty: builtins.foldl' (acc: elem: acc ++ elem.${ty}) [];
14    in {
15      networking.firewall = {
16        allowedTCPPorts = selectPortType "tcp" allFirewalls;
17        allowedUDPPorts = selectPortType "udp" allFirewalls;
18      };
19    }
20  );
21}