| author | Valentin <valentin@fricklerhandwerk.de> | 2025-11-06 15:41:26 +0100 |
|---|---|---|
| committer | Valentin <valentin@fricklerhandwerk.de> | 2025-11-06 16:46:28 +0100 |
| commit | 3ef375132b8e13fa7ec5a566f0ccfa27d8cda257 (patch) | |
| tree | 83cf15c68e9b5f5b63909048e80b06c588e6b276 /machines.nix | |
| parent | c298e9e2ec45ddfe64fca4ed62f948dc05cde219 (diff) | |
Vereinfachte Handhabung von Ports in der virtuellen Maschine
Diffstat (limited to 'machines.nix')
| -rw-r--r-- | machines.nix | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/machines.nix b/machines.nix
index 8f29ef0..1e7deab 100644
--- a/machines.nix
+++ b/machines.nix
@@ -102,6 +102,32 @@ in
 type = types.ints.positive;
 default = 10000;
 };
+ virtualisation.exposedPorts = mkOption {
+ description = ''
+ In der virtuellen Maschine verwendete Ports
+
+ Diese werden mit dem entsprechend angepassten Wert and den Host exponiert.
+ '';
+ type =
+ with types;
+ attrsOf (submodule {
+ options = {
+ port = mkOption {
+ type = types.ints.positive;
+ };
+ protocol = mkOption {
+ type = types.enum [
+ "tcp"
+ "udp"
+ ];
+ default = "tcp";
+ };
+ };
+ });
+ default = {
+ http.port = 800;
+ };
+ };
 };
 config = {
@@ -113,6 +139,19 @@ in
 }) config.networking.firewall.allowedTCPPorts;
 services.getty.autologinUser = lib.mkDefault "root";
+ networking.firewall =
+ let
+ ports =
+ protocol:
+ lib.foldlAttrs (
+ acc: _name: cfg:
+ if cfg.protocol == protocol then acc ++ [ cfg.port ] else acc
+ ) [ ] config.virtualisation.exposedPorts;
+ in
+ {
+ allowedTCPPorts = ports "tcp";
+ allowedUDPPorts = ports "udp";
+ };
 };
 };
 };
|
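Review bot: The `port` sub-option of the new `virtualisation.exposedPorts` is typed `types.ints.positive`, which accepts values above 65535. Because the second hunk feeds these values into the firewall's port lists, a bad number would be rejected, if at all, only further from where it was written. `types.port` (or `types.ints.between 1 65535` if 0 must stay excluded) would catch it at the option. The default `http.port = 800` opens an unusual port below 1024 on any machine that leaves the option at its default, so it is worth confirming that 80 or 8080 was not intended. `port` and `protocol` have no `description`, and in the option text `and den Host` should read `an den Host`.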
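Review bot: Entries with `protocol = "udp"` are added to `allowedUDPPorts` here, but the context line just above maps only over `config.networking.firewall.allowedTCPPorts`. If that expression builds the host forwarding (its start is outside the hunk), a UDP entry would open the guest firewall without being forwarded. The coupling also runs the other way: any TCP port that another module opens in the firewall would presumably reach the host too, not only the ones in `exposedPorts`. Deriving the forwarding directly from `config.virtualisation.exposedPorts` would keep the exposed set explicit and reviewable. A comment such as `# every exposedPorts entry is opened in the guest firewall` above `networking.firewall` would document the intent.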
