Make config.machine.firewall an alias of networking.firewall.

This commit is contained in:
Kevin Baensch 2019-08-27 16:24:59 +02:00
parent 5d017ce18f
commit be5ef36567
6 changed files with 6 additions and 50 deletions

View file

@ -5,14 +5,5 @@ let
in {
networking = {
hostName = config.machine.hostName;
firewall = {
enable = true;
allowPing = firewallcfg.allowPing;
allowedUDPPorts = firewallcfg.allowedUDPPorts;
allowedTCPPorts = firewallcfg.allowedTCPPorts;
allowedUDPPortRanges = firewallcfg.allowedUDPPortRanges;
allowedTCPPortRanges = firewallcfg.allowedTCPPortRanges;
};
};
}

View file

@ -32,11 +32,10 @@ with lib;
"openssh"
];
firewall = {
enable = true;
allowPing = false;
allowedUDPPorts = [ 22 80 443 ];
allowedTCPPorts = [ 80 443 ];
allowedUDPPortRanges = [];
allowedTCPPortRanges = [];
};
};
}

View file

@ -34,11 +34,10 @@ with lib;
{ domain = "mail.${base}"; service = "mail"; }
]);
firewall = {
enable = true;
allowPing = false;
allowedUDPPorts = [ 22 80 443 ];
allowedTCPPorts = [ 80 443 ];
allowedUDPPortRanges = [];
allowedTCPPortRanges = [];
};
};
}

View file

@ -36,9 +36,8 @@ with lib;
"cups"
];
firewall = {
enable = true;
allowPing = true;
allowedUDPPorts = [];
allowedTCPPorts = [];
allowedUDPPortRanges = [ { from = 1714; to = 1764; } ];
allowedTCPPortRanges = [ { from = 1714; to = 1764; } ];
};

View file

@ -43,11 +43,10 @@ with lib;
{ domain = "git.${base}"; service = "gitea"; }
]);
firewall = {
enable = true;
allowPing = false;
allowedUDPPorts = [ 22 80 443 ];
allowedTCPPorts = [ 80 443 ]; # 5222 5269 ];
allowedUDPPortRanges = [];
allowedTCPPortRanges = [];
allowedTCPPorts = [ 80 443 ];
};
};
config.services.mailman3 = {

View file

@ -59,38 +59,6 @@ with lib;
Domain - Service mappings for nginx vHost config.
'';
};
firewall = {
allowPing = mkOption {
type = types.bool;
description = ''
See networking.firewall.allowPing.
'';
};
allowedUDPPorts = mkOption {
type = types.listOf types.int;
description = ''
See networking.firewall.allowerdUDPPorts.
'';
};
allowedTCPPorts = mkOption {
type = types.listOf types.int;
description = ''
See networking.firewall.allowedTCPPorts.
'';
};
allowedUDPPortRanges = mkOption {
type = types.listOf (types.attrsOf types.int);
description = ''
See networking.firewall.allowerdUDPPortRanges.
'';
};
allowedTCPPortRanges = mkOption {
type = types.listOf (types.attrsOf types.int);
description = ''
See networking.firewall.allowedTCPPortRanges.
'';
};
};
desktop.wms = mkOption {
type = types.listOf types.string;
default = [];
@ -99,4 +67,5 @@ with lib;
'';
};
};
imports = [(mkAliasOptionModule [ "machine" "firewall" ] [ "networking" "firewall" ])];
}