From ecd73f4e1c1b6993c7df73d93d92bcc06752b4f4 Mon Sep 17 00:00:00 2001
From: Robin Raymond <robin@robinraymond.de>
Date: Sun, 13 Aug 2017 14:20:02 +0200
Subject: [PATCH] firewall respects settings

---
 mail-server/networking.nix | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/mail-server/networking.nix b/mail-server/networking.nix
index b4397c0..bd8ccd2 100644
--- a/mail-server/networking.nix
+++ b/mail-server/networking.nix
@@ -14,13 +14,15 @@
 #  You should have received a copy of the GNU General Public License
 #  along with this program. If not, see <http://www.gnu.org/licenses/>
 
-{ domain, host_prefix }:
+{ domain, host_prefix, enable_imap, enable_pop3 }:
 
 {
   hostName = "${host_prefix}.${domain}";
 
   firewall = {
     enable = true;
-    allowedTCPPorts = [ 25 143 587 ]; # < TODO: make this flexible
+    allowedTCPPorts = [ 25 587 ]
+      ++ (if enable_imap then [ 143 ] else [])
+      ++ (if enable_pop3 then [ 110 ] else []);
   };
 }