diff options
author | Michael Hoang <enzime@users.noreply.github.com> | 2021-10-16 12:29:55 +1100 |
---|---|---|
committer | Michael Hoang <enzime@users.noreply.github.com> | 2021-10-19 19:11:02 +1100 |
commit | 43d2eefea6a42a1e77e326d36da064246b6afcb2 (patch) | |
tree | cda852c31355f13588689059e0b1f173024ce2a9 /nixos/modules/services/network-filesystems | |
parent | c033ff53bbf6d02fe6d5863260a752892c2f6216 (diff) | |
download | nixpkgs-43d2eefea6a42a1e77e326d36da064246b6afcb2.tar nixpkgs-43d2eefea6a42a1e77e326d36da064246b6afcb2.tar.gz nixpkgs-43d2eefea6a42a1e77e326d36da064246b6afcb2.tar.bz2 nixpkgs-43d2eefea6a42a1e77e326d36da064246b6afcb2.tar.lz nixpkgs-43d2eefea6a42a1e77e326d36da064246b6afcb2.tar.xz nixpkgs-43d2eefea6a42a1e77e326d36da064246b6afcb2.tar.zst nixpkgs-43d2eefea6a42a1e77e326d36da064246b6afcb2.zip |
nixos/samba: Add `openFirewall` option
Diffstat (limited to 'nixos/modules/services/network-filesystems')
-rw-r--r-- | nixos/modules/services/network-filesystems/samba.nix | 16 |
1 files changed, 13 insertions, 3 deletions
diff --git a/nixos/modules/services/network-filesystems/samba.nix b/nixos/modules/services/network-filesystems/samba.nix index 3fedaeb4952..9ed755d0465 100644 --- a/nixos/modules/services/network-filesystems/samba.nix +++ b/nixos/modules/services/network-filesystems/samba.nix @@ -87,13 +87,20 @@ in <note> <para>If you use the firewall consider adding the following:</para> <programlisting> - networking.firewall.allowedTCPPorts = [ 139 445 ]; - networking.firewall.allowedUDPPorts = [ 137 138 ]; + services.samba.openFirewall = true; </programlisting> </note> ''; }; + openFirewall = mkOption { + type = types.bool; + default = false; + description = '' + Whether to automatically open the necessary ports in the firewall. + ''; + }; + enableNmbd = mkOption { type = types.bool; default = true; @@ -235,7 +242,10 @@ in }; security.pam.services.samba = {}; - environment.systemPackages = [ config.services.samba.package ]; + environment.systemPackages = [ cfg.package ]; + + networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [ 139 445 ]; + networking.firewall.allowedUDPPorts = mkIf cfg.openFirewall [ 137 138 ]; }) ]; |