Make opening ports in the firewall optional
This commit is contained in:
parent
5f431207b3
commit
0c4b9a8985
|
@ -25,6 +25,12 @@ in
|
|||
options.mailserver = {
|
||||
enable = mkEnableOption "nixos-mailserver";
|
||||
|
||||
openFirewall = mkOption {
|
||||
type = types.bool;
|
||||
default = true;
|
||||
description = "Automatically open ports in the firewall.";
|
||||
};
|
||||
|
||||
fqdn = mkOption {
|
||||
type = types.str;
|
||||
example = "mx.example.com";
|
||||
|
|
|
@ -20,7 +20,7 @@ let
|
|||
cfg = config.mailserver;
|
||||
in
|
||||
{
|
||||
config = with cfg; lib.mkIf enable {
|
||||
config = with cfg; lib.mkIf (enable && openFirewall) {
|
||||
|
||||
networking.firewall = {
|
||||
allowedTCPPorts = [ 25 ]
|
||||
|
|
Loading…
Reference in New Issue