diff options
| author | Jacob Greenleaf <jacob@jacobgreenleaf.com> | 2023-12-06 08:08:29 -0800 |
|---|---|---|
| committer | Jacob Greenleaf <jacob@jacobgreenleaf.com> | 2023-12-06 08:31:38 -0800 |
| commit | ed67e22139a4e01338ce8b56ca2a3d4711d0199e (patch) | |
| tree | 91221ba0bf9a4ef621f125e688ae91a02aa5be81 /nixos | |
| parent | bf78e6a54601fc74d8d27fb918a420c84fb6f5b3 (diff) | |
| download | nixlib-ed67e22139a4e01338ce8b56ca2a3d4711d0199e.tar nixlib-ed67e22139a4e01338ce8b56ca2a3d4711d0199e.tar.gz nixlib-ed67e22139a4e01338ce8b56ca2a3d4711d0199e.tar.bz2 nixlib-ed67e22139a4e01338ce8b56ca2a3d4711d0199e.tar.lz nixlib-ed67e22139a4e01338ce8b56ca2a3d4711d0199e.tar.xz nixlib-ed67e22139a4e01338ce8b56ca2a3d4711d0199e.tar.zst nixlib-ed67e22139a4e01338ce8b56ca2a3d4711d0199e.zip | |
nixos/teamspeak3: SSH and HTTP ip+port options
ServerQuery actually listens on three separate addresses each corresponding to its own protocol (raw/telnet, ssh, and http). By only setting `query_addr` we only update what IP we listen on for the raw protocol, not ssh and http protocols which end up listening on the default wildcard address. This change simply makes it so that setting `queryIP` sets the IP for all three protocols by setting each corresponding option (`query_ip`, `query_ssh_ip` and `query_http_ip`).
Diffstat (limited to 'nixos')
| -rw-r--r-- | nixos/modules/services/networking/teamspeak3.nix | 42 |
1 files changed, 33 insertions, 9 deletions
diff --git a/nixos/modules/services/networking/teamspeak3.nix b/nixos/modules/services/networking/teamspeak3.nix index f09ef1a959ed..ff41539a6d9b 100644 --- a/nixos/modules/services/networking/teamspeak3.nix +++ b/nixos/modules/services/networking/teamspeak3.nix @@ -50,7 +50,7 @@ in }; defaultVoicePort = mkOption { - type = types.int; + type = types.port; default = 9987; description = lib.mdDoc '' Default UDP port for clients to connect to virtual servers - used for first virtual server, subsequent ones will open on incrementing port numbers by default. @@ -67,7 +67,7 @@ in }; fileTransferPort = mkOption { - type = types.int; + type = types.port; default = 30033; description = lib.mdDoc '' TCP port opened for file transfers. @@ -84,10 +84,26 @@ in }; queryPort = mkOption { - type = types.int; + type = types.port; default = 10011; description = lib.mdDoc '' - TCP port opened for ServerQuery connections. + TCP port opened for ServerQuery connections using the raw telnet protocol. + ''; + }; + + querySshPort = mkOption { + type = types.port; + default = 10022; + description = lib.mdDoc '' + TCP port opened for ServerQuery connections using the SSH protocol. + ''; + }; + + queryHttpPort = mkOption { + type = types.port; + default = 10080; + description = lib.mdDoc '' + TCP port opened for ServerQuery connections using the HTTP protocol. ''; }; @@ -128,7 +144,9 @@ in ]; networking.firewall = mkIf cfg.openFirewall { - allowedTCPPorts = [ cfg.fileTransferPort ] ++ optionals (cfg.openFirewallServerQuery) [ cfg.queryPort (cfg.queryPort + 11) ]; + allowedTCPPorts = [ cfg.fileTransferPort ] ++ (map (port: + mkIf cfg.openFirewallServerQuery port + ) [cfg.queryPort cfg.querySshPort cfg.queryHttpPort]); # subsequent vServers will use the incremented voice port, let's just open the next 10 allowedUDPPortRanges = [ { from = cfg.defaultVoicePort; to = cfg.defaultVoicePort + 10; } ]; }; @@ -141,13 +159,19 @@ in serviceConfig = { ExecStart = '' ${ts3}/bin/ts3server \ - dbsqlpath=${ts3}/lib/teamspeak/sql/ logpath=${cfg.logPath} \ - ${optionalString (cfg.voiceIP != null) "voice_ip=${cfg.voiceIP}"} \ + dbsqlpath=${ts3}/lib/teamspeak/sql/ \ + logpath=${cfg.logPath} \ + license_accepted=1 \ default_voice_port=${toString cfg.defaultVoicePort} \ - ${optionalString (cfg.fileTransferIP != null) "filetransfer_ip=${cfg.fileTransferIP}"} \ filetransfer_port=${toString cfg.fileTransferPort} \ + query_port=${toString cfg.queryPort} \ + query_ssh_port=${toString cfg.querySshPort} \ + query_http_port=${toString cfg.queryHttpPort} \ + ${optionalString (cfg.voiceIP != null) "voice_ip=${cfg.voiceIP}"} \ + ${optionalString (cfg.fileTransferIP != null) "filetransfer_ip=${cfg.fileTransferIP}"} \ ${optionalString (cfg.queryIP != null) "query_ip=${cfg.queryIP}"} \ - query_port=${toString cfg.queryPort} license_accepted=1 + ${optionalString (cfg.queryIP != null) "query_ssh_ip=${cfg.queryIP}"} \ + ${optionalString (cfg.queryIP != null) "query_http_ip=${cfg.queryIP}"} \ ''; WorkingDirectory = cfg.dataDir; User = user; |