christoph/flake-nixinator
1
Fork 0
Code Activity

Fix some bugs from new systemd-networkd module

Browse Source
This commit is contained in:
Christoph Urlacher
2023-05-24 14:52:55 +02:00
parent 9379d326ca
commit c46b68b7dc
3 changed files with 48 additions and 55 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
system/modules/systemd-networkd/default.nix
View File

@ -9,10 +9,9 @@
with lib;
with mylib.networking;
with mylib.modules; let
cfg = config.modules.network;
cfg = config.modules.systemd-networkd;
in {
options.modules.network = import ./options.nix {inherit lib mylib;};
options.modules.systemd-networkd = import ./options.nix {inherit lib mylib;};
config = mkIf cfg.enable {
services.resolved.enable = true;
@ -57,19 +56,9 @@ in {
];
allowedTCPPorts = cfg.allowedTCPPorts;
# allowedTCPPorts = [
# 22 # SSH
# 80 # HTTP
# 443 # HTTPS
# ];
# allowedTCPPortRanges = [];
allowedUDPPorts = cfg.allowedUDPPorts;
# allowedUDPPorts = [
# 9918 # Wireguard
# 18000 # Anno 1800
# 24727 # AusweisApp2, alternative: programs.ausweisapp.openFirewall
# ];
# allowedUDPPortRanges = [];
};
};

8
system/modules/systemd-networkd/options.nix
View File

@ -16,7 +16,7 @@ with mylib.modules; {
};
networks = mkOption {
type = types.attrSet;
type = types.attrs;
default = {};
description = "Systemd-Networkd Networks";
example = ''
@ -29,7 +29,7 @@ with mylib.modules; {
};
wireguard-tunnels = mkOption {
type = types.attrSet;
type = types.attrs;
default = {};
description = "Wireguard VPN Tunnels";
example = ''
@ -40,7 +40,7 @@ with mylib.modules; {
};
allowedTCPPorts = mkOption {
type = types.list;
type = types.listOf types.int;
default = [];
description = "Open TCP Ports in the Firewall";
example = ''
@ -49,7 +49,7 @@ with mylib.modules; {
};
allowedUDPPorts = mkOption {
type = types.list;
type = types.listOf types.int;
default = [];
description = "Open UDP Ports in the Firewall";
example = ''