diff options
author | Maximilian Bosch <maximilian@mbosch.me> | 2020-04-25 19:48:34 +0200 |
---|---|---|
committer | Maximilian Bosch <maximilian@mbosch.me> | 2020-04-25 19:48:34 +0200 |
commit | 4062592f3a17d814812ca696604ea22ad615ca12 (patch) | |
tree | 9ad34f55683f4b29be84fd22f42ea34f9d789c8d /nixos/modules/services/printing | |
parent | 083ea0abbe770795b931f7ac71f0c0472e102470 (diff) | |
download | nixpkgs-4062592f3a17d814812ca696604ea22ad615ca12.tar nixpkgs-4062592f3a17d814812ca696604ea22ad615ca12.tar.gz nixpkgs-4062592f3a17d814812ca696604ea22ad615ca12.tar.bz2 nixpkgs-4062592f3a17d814812ca696604ea22ad615ca12.tar.lz nixpkgs-4062592f3a17d814812ca696604ea22ad615ca12.tar.xz nixpkgs-4062592f3a17d814812ca696604ea22ad615ca12.tar.zst nixpkgs-4062592f3a17d814812ca696604ea22ad615ca12.zip |
nixos/printing: make access to web-interface configurable
Otherwise you'd always get a 403 when hosting the web-interface of cups at a different location than `localhost`.
Diffstat (limited to 'nixos/modules/services/printing')
-rw-r--r-- | nixos/modules/services/printing/cupsd.nix | 16 |
1 files changed, 13 insertions, 3 deletions
diff --git a/nixos/modules/services/printing/cupsd.nix b/nixos/modules/services/printing/cupsd.nix index 59306d625e6..e67badfcd29 100644 --- a/nixos/modules/services/printing/cupsd.nix +++ b/nixos/modules/services/printing/cupsd.nix @@ -153,6 +153,16 @@ in ''; }; + allowFrom = mkOption { + type = types.listOf types.str; + default = [ "localhost" ]; + example = [ "all" ]; + apply = concatMapStringsSep "\n" (x: "Allow ${x}"); + description = '' + From which hosts to allow unconditional access. + ''; + }; + bindirCmds = mkOption { type = types.lines; internal = true; @@ -403,19 +413,19 @@ in <Location /> Order allow,deny - Allow localhost + ${cfg.allowFrom} </Location> <Location /admin> Order allow,deny - Allow localhost + ${cfg.allowFrom} </Location> <Location /admin/conf> AuthType Basic Require user @SYSTEM Order allow,deny - Allow localhost + ${cfg.allowFrom} </Location> <Policy default> |