nixos/modules/programs/ausweisapp.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25

{ config, lib, pkgs, ... }:

with lib;

let
  cfg  = config.programs.ausweisapp;
in
{
  options.programs.ausweisapp = {
    enable = mkEnableOption (lib.mdDoc "AusweisApp2");

    openFirewall = mkOption {
      description = lib.mdDoc ''
        Whether to open the required firewall ports for the Smartphone as Card Reader (SaC) functionality of AusweisApp2.
      '';
      default = false;
      type = lib.types.bool;
    };
  };

  config = mkIf cfg.enable {
    environment.systemPackages = with pkgs; [ AusweisApp2 ];
    networking.firewall.allowedUDPPorts = lib.optionals cfg.openFirewall [ 24727 ];
  };
}