31 lines
558 B
Nix
31 lines
558 B
Nix
{
|
|
config,
|
|
lib,
|
|
...
|
|
}:
|
|
|
|
{
|
|
imports = [ ];
|
|
|
|
options.me = {
|
|
firewall.enable = lib.mkOption {
|
|
type = lib.types.bool;
|
|
default = false;
|
|
example = true;
|
|
description = "Whether we want to install firewall.";
|
|
};
|
|
};
|
|
|
|
config = lib.mkIf config.me.firewall.enable {
|
|
# Open ports in the firewall.
|
|
networking.firewall.allowedTCPPorts = [
|
|
22 # ssh
|
|
];
|
|
networking.firewall.allowedUDPPorts = [
|
|
5353 # mDNS
|
|
];
|
|
# Or disable the firewall altogether.
|
|
# networking.firewall.enable = false;
|
|
};
|
|
}
|