Skynet/nixos
7
1
Fork 0
Code Issues 45 Pull requests 1 Projects Releases Packages Wiki Activity Actions

feat: added a formatter and some instructions

Browse source
This commit is contained in:
silver 2023-09-17 20:51:08 +01:00
parent 14ae0a9065
commit 7f3dc8946e
39 changed files with 1739 additions and 1348 deletions
Download patch file Download diff file Expand all files Collapse all files

34
applications/firewall.nix
View file

@ -1,5 +1,9 @@
{lib, pkgs, config, ...}: {
{
lib,
pkgs,
config,
...
}: {
# using https://github.com/greaka/ops/blob/818be4c4dea9129abe0f086d738df4cb0bb38288/apps/restic/options.nix as a base
options = {
skynet_firewall = {
@ -10,7 +14,7 @@
type = lib.types.bool;
};
forward = lib.mkOption {
default = [ ];
default = [];
type = lib.types.listOf lib.types.str;
description = ''
A list of routes to forward
@ -19,16 +23,16 @@
own = {
ip = lib.mkOption {
default = "127.0.0.1";
type = lib.types.str;
description = ''
IP of the firewall
'';
default = "127.0.0.1";
type = lib.types.str;
description = ''
IP of the firewall
'';
};
ports = {
tcp = lib.mkOption {
default = [ ];
default = [];
type = lib.types.listOf lib.types.int;
description = ''
A list of TCP ports for the machiene running the firewall
@ -36,15 +40,13 @@
};
udp = lib.mkOption {
default = [ ];
default = [];
type = lib.types.listOf lib.types.int;
description = ''
A list of UDP ports for the machiene running the firewall
'';
};
};
};
};
};
@ -56,8 +58,7 @@
# fules for the firewall
# beware of EOL conversion.
networking.nftables.ruleset =
''
networking.nftables.ruleset = ''
# using https://oxcrag.net/2021/12/25/build-your-own-router-with-nftables-part-1/ as a guide
# Clear out any existing rules
@ -164,9 +165,6 @@
}
}
'';
'';
};
}