From aadd7d26b326940e18c786abfd0d5e01fcc93d96 Mon Sep 17 00:00:00 2001 From: Gliczy <129636582+Gliczy@users.noreply.github.com> Date: Fri, 13 Jun 2025 01:38:58 +0200 Subject: [PATCH] opensnitch: add `package` option --- nixos/modules/services/security/opensnitch.nix | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/nixos/modules/services/security/opensnitch.nix b/nixos/modules/services/security/opensnitch.nix index c56501c98a5f..7695231226bf 100644 --- a/nixos/modules/services/security/opensnitch.nix +++ b/nixos/modules/services/security/opensnitch.nix @@ -13,12 +13,12 @@ let file = pkgs.writeText "rule" (builtins.toJSON cfg); } ); - in { options = { services.opensnitch = { enable = lib.mkEnableOption "Opensnitch application firewall"; + package = lib.mkPackageOption pkgs "opensnitch" { }; rules = lib.mkOption { default = { }; @@ -192,13 +192,13 @@ in services.opensnitch.settings = lib.mapAttrs (_: v: lib.mkDefault v) ( builtins.fromJSON ( builtins.unsafeDiscardStringContext ( - builtins.readFile "${pkgs.opensnitch}/etc/opensnitchd/default-config.json" + builtins.readFile "${cfg.package}/etc/opensnitchd/default-config.json" ) ) ); systemd = { - packages = [ pkgs.opensnitch ]; + packages = [ cfg.package ]; services.opensnitchd = { wantedBy = [ "multi-user.target" ]; serviceConfig = { @@ -210,7 +210,7 @@ in in [ "" - "${pkgs.opensnitch}/bin/opensnitchd --config-file ${format.generate "default-config.json" preparedSettings}" + "${cfg.package}/bin/opensnitchd --config-file ${format.generate "default-config.json" preparedSettings}" ]; }; preStart = lib.mkIf (cfg.rules != { }) ( @@ -245,7 +245,7 @@ in }; tmpfiles.rules = [ "d ${cfg.settings.Rules.Path} 0750 root root - -" - "L+ /etc/opensnitchd/system-fw.json - - - - ${pkgs.opensnitch}/etc/opensnitchd/system-fw.json" + "L+ /etc/opensnitchd/system-fw.json - - - - ${cfg.package}/etc/opensnitchd/system-fw.json" ]; };