2016-08-12 12:46:36 +02:00
|
|
|
{ config, lib, pkgs, ... }:
|
2016-07-22 14:16:20 +02:00
|
|
|
|
|
|
|
|
let
|
2016-08-12 12:46:36 +02:00
|
|
|
inherit (lib) mkIf mkMerge mkThenElse;
|
2016-07-22 14:16:20 +02:00
|
|
|
cfg = config.r6d.config-generator;
|
2016-08-12 12:46:36 +02:00
|
|
|
computers = config.r6d.computers;
|
|
|
|
|
profiles = config.r6d.profiles;
|
|
|
|
|
in
|
|
|
|
|
|
|
|
|
|
mkIf cfg.nix-serve-server {
|
|
|
|
|
|
2016-07-04 10:56:33 +02:00
|
|
|
# Cache http pour le store
|
2016-07-09 21:26:20 +02:00
|
|
|
|
2016-08-12 12:46:36 +02:00
|
|
|
# Services
|
|
|
|
|
services.nix-serve = {
|
|
|
|
|
enable = true;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
# Réseau
|
|
|
|
|
networking.firewall = {
|
|
|
|
|
allowedTCPPorts = [
|
2017-01-21 23:57:51 +01:00
|
|
|
#5000 # ouvert sur tinc
|
2016-08-12 12:46:36 +02:00
|
|
|
];
|
|
|
|
|
allowedUDPPorts = [
|
|
|
|
|
];
|
2017-01-21 23:57:51 +01:00
|
|
|
extraCommands = ''
|
|
|
|
|
iptables -A INPUT -i tinc.grudunet -p tcp --dport 5000 -j ACCEPT
|
|
|
|
|
ip6tables -A INPUT -i tinc.grudunet -p tcp --dport 5000 -j ACCEPT
|
|
|
|
|
'';
|
2016-08-12 12:46:36 +02:00
|
|
|
};
|
2016-07-04 10:56:33 +02:00
|
|
|
}
|
