citadel

My dotfiles, scripts and nix configs
git clone git://jb55.com/citadel

default.nix (586B)


      # NixOS module fragment, parameterised by `extra`, that opens one UDP port
      # ("notify") to a fixed set of source addresses through the NixOS firewall.
      #
      # Arguments:
      #   extra                  - caller-supplied attrset; only
      #                            `extra.private.notify-port` is read here.
      #   { config, lib, pkgs }  - standard module arguments; only `lib` is used.
      #
      # Result: an attrset setting networking.firewall.extraCommands and
      # networking.firewall.extraStopCommands.
      extra:
      { config, lib, pkgs, ... }:
      let
        # Destination port of the notify listener. The value is defined outside
        # this file (under `extra.private`), so it is not visible here.
        notifyPort = toString extra.private.notify-port;

        # Rule specifications, i.e. everything that follows `iptables -A` / `-D`.
        # Each one is appended to the `nixos-fw` chain and jumps to
        # `nixos-fw-accept` for UDP packets to the notify port whose source is in
        # the listed set.
        #
        # NOTE(review): `10.100.0.1/24` has host bits set; iptables applies the
        # mask, so the rule matches the whole 10.100.0.0/24 range, not one host.
        # NOTE(review): a source-address match on UDP is an exposure limit, not
        # authentication - the receiver cannot verify the sender address, so the
        # listener still needs to validate what it receives.
        # NOTE(review): only `iptables` is invoked, so no IPv6 rule is added here.
        ruleSpecs = [
          "nixos-fw -s 10.100.0.1/24,45.79.91.128 -p udp --dport ${notifyPort} -j nixos-fw-accept"
        ];

        # Turn every rule spec into a shell command with `toCommand` and join the
        # commands with newlines, giving one script fragment.
        renderRules = toCommand: lib.concatMapStringsSep "\n" toCommand ruleSpecs;
      in
      {
        networking.firewall = {
          # Added when the firewall is started: append each rule.
          extraCommands = renderRules (spec: "iptables -A ${spec}");

          # Run when the firewall is stopped: delete the same rules. `|| true`
          # keeps a failed delete (for example, the rule is already gone) from
          # failing the stop script.
          extraStopCommands = renderRules (spec: "iptables -D ${spec} || true");
        };
      }