nixos/nix-serve: add openFirewall option

2 years ago · ecda6429f2
parent dfa93a4725
commit ecda6429f2
1 changed files with 10 additions and 0 deletions
--- a/nixos/modules/services/networking/nix-serve.nix
+++ b/nixos/modules/services/networking/nix-serve.nix
@ -26,6 +26,12 @@ in
        '';
      };

+      openFirewall = mkOption {
+        type = types.bool;
+        default = false;
+        description = "Open ports in the firewall for nix-serve.";
+      };
+
      secretKeyFile = mkOption {
        type = types.nullOr types.str;
        default = null;
@ -77,5 +83,9 @@ in
          "NIX_SECRET_KEY_FILE:${cfg.secretKeyFile}";
      };
    };
+
+    networking.firewall = mkIf cfg.openFirewall {
+      allowedTCPPorts = [ cfg.port ];
+    };
  };
 }