diff options
author | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2013-10-30 17:37:45 +0100 |
---|---|---|
committer | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2013-10-30 18:47:43 +0100 |
commit | 408b8b5725c3e6fff75aef772da248d3e95ff414 (patch) | |
tree | 692e3b61dbbff85cc97e3becf13a1376dea04a92 /nixos/modules/services/networking | |
parent | d882e1966251880240599d3c1b31e060661506ee (diff) | |
download | nixlib-408b8b5725c3e6fff75aef772da248d3e95ff414.tar nixlib-408b8b5725c3e6fff75aef772da248d3e95ff414.tar.gz nixlib-408b8b5725c3e6fff75aef772da248d3e95ff414.tar.bz2 nixlib-408b8b5725c3e6fff75aef772da248d3e95ff414.tar.lz nixlib-408b8b5725c3e6fff75aef772da248d3e95ff414.tar.xz nixlib-408b8b5725c3e6fff75aef772da248d3e95ff414.tar.zst nixlib-408b8b5725c3e6fff75aef772da248d3e95ff414.zip |
Add lots of missing option types
Diffstat (limited to 'nixos/modules/services/networking')
-rw-r--r-- | nixos/modules/services/networking/firewall.nix | 6 | ||||
-rw-r--r-- | nixos/modules/services/networking/nat.nix | 11 | ||||
-rw-r--r-- | nixos/modules/services/networking/rpcbind.nix | 1 | ||||
-rw-r--r-- | nixos/modules/services/networking/ssh/sshd.nix | 15 |
4 files changed, 26 insertions, 7 deletions
diff --git a/nixos/modules/services/networking/firewall.nix b/nixos/modules/services/networking/firewall.nix index b24ac2d70325..4ed859c2e7ea 100644 --- a/nixos/modules/services/networking/firewall.nix +++ b/nixos/modules/services/networking/firewall.nix @@ -53,6 +53,7 @@ in options = { networking.firewall.enable = mkOption { + type = types.bool; default = false; description = '' @@ -64,6 +65,7 @@ in }; networking.firewall.logRefusedConnections = mkOption { + type = types.bool; default = true; description = '' @@ -72,6 +74,7 @@ in }; networking.firewall.logRefusedPackets = mkOption { + type = types.bool; default = false; description = '' @@ -82,6 +85,7 @@ in }; networking.firewall.logRefusedUnicastsOnly = mkOption { + type = types.bool; default = true; description = '' @@ -93,6 +97,7 @@ in }; networking.firewall.rejectPackets = mkOption { + type = types.bool; default = false; description = '' @@ -193,6 +198,7 @@ in }; networking.firewall.extraCommands = mkOption { + type = types.lines; default = ""; example = "iptables -A INPUT -p icmp -j ACCEPT"; description = diff --git a/nixos/modules/services/networking/nat.nix b/nixos/modules/services/networking/nat.nix index 9d62a764f060..ce28f0188284 100644 --- a/nixos/modules/services/networking/nat.nix +++ b/nixos/modules/services/networking/nat.nix @@ -19,6 +19,7 @@ in options = { networking.nat.enable = mkOption { + type = types.bool; default = false; description = '' @@ -27,6 +28,7 @@ in }; networking.nat.internalIPs = mkOption { + type = types.listOf types.str; example = [ "192.168.1.0/24" ] ; description = '' @@ -34,12 +36,10 @@ in coming from these networks and destined for the external interface will be rewritten. ''; - # Backward compatibility: this used to be a single range instead - # of a list. - apply = x: if isList x then x else [x]; }; networking.nat.externalInterface = mkOption { + type = types.str; example = "eth1"; description = '' @@ -48,7 +48,8 @@ in }; networking.nat.externalIP = mkOption { - default = ""; + type = types.nullOr types.str; + default = null; example = "203.0.113.123"; description = '' @@ -86,7 +87,7 @@ in '' iptables -t nat -A POSTROUTING \ -s ${network} -o ${cfg.externalInterface} \ - ${if cfg.externalIP == "" + ${if cfg.externalIP == null then "-j MASQUERADE" else "-j SNAT --to-source ${cfg.externalIP}"} '' diff --git a/nixos/modules/services/networking/rpcbind.nix b/nixos/modules/services/networking/rpcbind.nix index 00c958c5a4a2..c966f85e260d 100644 --- a/nixos/modules/services/networking/rpcbind.nix +++ b/nixos/modules/services/networking/rpcbind.nix @@ -40,6 +40,7 @@ in services.rpcbind = { enable = mkOption { + type = types.bool; default = false; description = '' Whether to enable `rpcbind', an ONC RPC directory service diff --git a/nixos/modules/services/networking/ssh/sshd.nix b/nixos/modules/services/networking/ssh/sshd.nix index 360c745f3627..48eddb3b2f60 100644 --- a/nixos/modules/services/networking/ssh/sshd.nix +++ b/nixos/modules/services/networking/ssh/sshd.nix @@ -27,7 +27,7 @@ let openssh.authorizedKeys = { keys = mkOption { - type = types.listOf types.string; + type = types.listOf types.str; default = []; description = '' A list of verbatim OpenSSH public keys that should be added to the @@ -39,6 +39,7 @@ let }; keyFiles = mkOption { + type = types.listOf types.str; default = []; description = '' A list of files each containing one OpenSSH public key that should be @@ -77,6 +78,7 @@ in services.openssh = { enable = mkOption { + type = types.bool; default = false; description = '' Whether to enable the OpenSSH secure shell daemon, which @@ -85,6 +87,7 @@ in }; forwardX11 = mkOption { + type = types.bool; default = cfgc.setXAuthLocation; description = '' Whether to allow X11 connections to be forwarded. @@ -92,6 +95,7 @@ in }; allowSFTP = mkOption { + type = types.bool; default = true; description = '' Whether to enable the SFTP subsystem in the SSH daemon. This @@ -112,6 +116,7 @@ in }; gatewayPorts = mkOption { + type = types.str; default = "no"; description = '' Specifies whether remote hosts are allowed to connect to @@ -122,6 +127,7 @@ in }; ports = mkOption { + type = types.listOf types.int; default = [22]; description = '' Specifies on which ports the SSH daemon listens. @@ -129,6 +135,7 @@ in }; passwordAuthentication = mkOption { + type = types.bool; default = true; description = '' Specifies whether password authentication is allowed. @@ -136,6 +143,7 @@ in }; challengeResponseAuthentication = mkOption { + type = types.bool; default = true; description = '' Specifies whether challenge/response authentication is allowed. @@ -143,6 +151,7 @@ in }; hostKeys = mkOption { + type = types.listOf types.attrs; default = [ { path = "/etc/ssh/ssh_host_dsa_key"; type = "dsa"; @@ -163,11 +172,13 @@ in }; authorizedKeysFiles = mkOption { + type = types.listOf types.str; default = []; description = "Files from with authorized keys are read."; }; extraConfig = mkOption { + type = types.lines; default = ""; description = "Verbatim contents of <filename>sshd_config</filename>."; }; @@ -202,7 +213,7 @@ in The path to the public key file for the host. The public key file is read at build time and saved in the Nix store. You can fetch a public key file from a running SSH server - with the <literal>ssh-keyscan</literal> command. + with the <command>ssh-keyscan</command> command. ''; }; }; |