Add option to disable opening ports in the firewall

Martin Puppe 2024-08-08 09:11:11 +02:00
parent 8b220374b8
commit 1941fe8267


@ -1,7 +1,9 @@
{ config, lib, pkgs, system, ... }: { config, lib, ... }:
with lib; with lib;
let cfg = config.services.financier; let
in { cfg = config.services.financier;
in
{
imports = [ ]; imports = [ ];
options.services.financier = { options.services.financier = {
@ -15,6 +17,14 @@ in {
example = "example.org"; example = "example.org";
}; };
openFirewall = mkOption {
description = ''
Whether to open ports 80 and 443 in the firewall for the web server that is serving financier.
'';
type = types.bool;
default = true;
};
package = mkOption { package = mkOption {
type = types.package; type = types.package;
description = '' description = ''
@ -23,7 +33,10 @@ in {
}; };
server = mkOption { server = mkOption {
type = types.enum [ "nginx" "caddy" ]; type = types.enum [
"nginx"
"caddy"
];
description = '' description = ''
The web server to be used for serving Financier. Either "nginx" The web server to be used for serving Financier. Either "nginx"
or "caddy". or "caddy".
@ -34,7 +47,10 @@ in {
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
networking.firewall.allowedTCPPorts = [ 80 443 ]; networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [
80
443
];
services.nginx = mkIf (cfg.server == "nginx") { services.nginx = mkIf (cfg.server == "nginx") {
enable = true; enable = true;
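Review bot: The new `openFirewall` option is declared with `default = true;` (second hunk), so enabling `services.financier` still opens TCP 80 and 443 on the host unless the operator explicitly opts out. That preserves the behaviour from before this commit, but it is the reverse of the usual NixOS module convention, where `openFirewall` options default to `false` so that exposing a service is a deliberate choice. If backwards compatibility is the reason, the option description should say so, for example `Defaults to true for backwards compatibility; set to false when the host is behind a reverse proxy or should not be reachable directly.`; otherwise consider `default = false;` together with a changelog note. The `config` block continues past the end of the last hunk, so which addresses and ports the nginx/caddy virtual hosts actually bind is not visible here.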