diff options
author | aszlig <aszlig@redmoonstudios.org> | 2016-04-12 05:13:04 +0200 |
---|---|---|
committer | aszlig <aszlig@redmoonstudios.org> | 2016-04-12 05:16:15 +0200 |
commit | ce0954020c71007b7a9ec2822949d31f18aea170 (patch) | |
tree | 78ff2fbe4c581e5e3e26e65afa5242feeb26293d /nixos/modules/services/misc/taskserver | |
parent | 5be76d0b552ae5222cc8748baef2138c7acd91d4 (diff) | |
download | nixlib-ce0954020c71007b7a9ec2822949d31f18aea170.tar nixlib-ce0954020c71007b7a9ec2822949d31f18aea170.tar.gz nixlib-ce0954020c71007b7a9ec2822949d31f18aea170.tar.bz2 nixlib-ce0954020c71007b7a9ec2822949d31f18aea170.tar.lz nixlib-ce0954020c71007b7a9ec2822949d31f18aea170.tar.xz nixlib-ce0954020c71007b7a9ec2822949d31f18aea170.tar.zst nixlib-ce0954020c71007b7a9ec2822949d31f18aea170.zip |
nixos/taskserver: Set allowedTCPPorts accordingly
As suggested by @matthiasbeyer: "We might add a short note that this port has to be opened in the firewall, or is this done by the service automatically?" This commit now adds the listenPort to networking.firewall.allowedTCPPorts as soon as the listenHost is not "localhost". In addition to that, this is now also documented in the listenHost option declaration and I have removed disabling of the firewall from the VM test. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Diffstat (limited to 'nixos/modules/services/misc/taskserver')
-rw-r--r-- | nixos/modules/services/misc/taskserver/default.nix | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/nixos/modules/services/misc/taskserver/default.nix b/nixos/modules/services/misc/taskserver/default.nix index 520a9c2ee1e5..8054dbe9f662 100644 --- a/nixos/modules/services/misc/taskserver/default.nix +++ b/nixos/modules/services/misc/taskserver/default.nix @@ -324,8 +324,13 @@ in { listenHost = mkOption { type = types.str; default = "localhost"; + example = "::"; description = '' The address (IPv4, IPv6 or DNS) to listen on. + + If the value is something else than <literal>localhost</literal> the + port defined by <option>listenPort</option> is automatically added to + <option>networking.firewall.allowedTCPPorts</option>. ''; }; @@ -519,6 +524,9 @@ in { ''; }; }) + (mkIf (cfg.listenHost != "localhost") { + networking.firewall.allowedTCPPorts = [ cfg.listenPort ]; + }) { meta.doc = ./taskserver.xml; } ]; } |