31 lines
997 B
Nix
31 lines
997 B
Nix
{ lib, config, ... }: {
|
|
networking = {
|
|
hostName = config.syscfg.hostname;
|
|
useDHCP = true;
|
|
nameservers = [ "1.1.1.1" "9.9.9.9" ];
|
|
|
|
extraHosts = ''
|
|
${lib.concatStringsSep "\n" config.syscfg.extra.hosts}
|
|
'';
|
|
|
|
proxy = lib.mkIf (config.syscfg.extra.proxy.domain != "") {
|
|
default = "http://${config.syscfg.extra.proxy.domain}:${config.syscfg.extra.proxy.port or "8080"}";
|
|
noProxy = "${config.syscfg.extra.proxy.noProxy}";
|
|
};
|
|
|
|
|
|
firewall = {
|
|
enable = true;
|
|
allowedUDPPorts =
|
|
(if (config.syscfg.server != false && config.syscfg.server.wireguard) then [ 1515 ] else [ ]) ++
|
|
(if (config.syscfg.server != false && config.syscfg.server.web) then [ 80 443 22 ] else [ ]) ++
|
|
[ ];
|
|
|
|
allowedTCPPorts =
|
|
(if (config.syscfg.server != false && config.syscfg.server.web) then [ 80 443 22 ] else [ ]) ++
|
|
(if (config.syscfg.server != false) then [ 5432 6379 8181 ] else [ ]) ++
|
|
[ ];
|
|
};
|
|
};
|
|
}
|