diff options
Diffstat (limited to 'nixos/modules/services/printing/cupsd.nix')
| -rw-r--r-- | nixos/modules/services/printing/cupsd.nix | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/nixos/modules/services/printing/cupsd.nix b/nixos/modules/services/printing/cupsd.nix index 279b26bb895..3a274430347 100644 --- a/nixos/modules/services/printing/cupsd.nix +++ b/nixos/modules/services/printing/cupsd.nix @@ -108,6 +108,12 @@ let containsGutenprint = pkgs: length (filterGutenprint pkgs) > 0; getGutenprint = pkgs: head (filterGutenprint pkgs); + parsePorts = addresses: let + splitAddress = addr: strings.splitString ":" addr; + extractPort = addr: builtins.foldl' (a: b: b) "" (splitAddress addr); + in + builtins.map (address: strings.toInt (extractPort address)) addresses; + in { @@ -172,6 +178,15 @@ in ''; }; + openFirewall = mkOption { + type = types.bool; + default = false; + description = '' + Whether to open the firewall for TCP/UDP ports specified in + listenAdrresses option. + ''; + }; + bindirCmds = mkOption { type = types.lines; internal = true; @@ -463,6 +478,13 @@ in security.pam.services.cups = {}; + networking.firewall = let + listenPorts = parsePorts cfg.listenAddresses; + in mkIf cfg.openFirewall { + allowedTCPPorts = listenPorts; + allowedUDPPorts = listenPorts; + }; + }; meta.maintainers = with lib.maintainers; [ matthewbauer ]; |