Merge pull request #243366 from vamega/sambda-wsdd-firewall-config
nixos/samba-wsdd: add openFirewall option
This commit is contained in:
commit
00a7b91eac
2 changed files with 14 additions and 11 deletions
|
@ -11,13 +11,6 @@ in {
|
|||
enable = mkEnableOption (lib.mdDoc ''
|
||||
Web Services Dynamic Discovery host daemon. This enables (Samba) hosts, like your local NAS device,
|
||||
to be found by Web Service Discovery Clients like Windows.
|
||||
|
||||
::: {.note}
|
||||
If you use the firewall consider adding the following:
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ 5357 ];
|
||||
networking.firewall.allowedUDPPorts = [ 3702 ];
|
||||
:::
|
||||
'');
|
||||
interface = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
|
@ -31,6 +24,13 @@ in {
|
|||
example = 2;
|
||||
description = lib.mdDoc "Hop limit for multicast packets (default = 1).";
|
||||
};
|
||||
openFirewall = mkOption {
|
||||
description = lib.mdDoc ''
|
||||
Whether to open the required firewall ports in the firewall.
|
||||
'';
|
||||
default = false;
|
||||
type = lib.types.bool;
|
||||
};
|
||||
workgroup = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
|
@ -120,5 +120,10 @@ in {
|
|||
SystemCallFilter = "~@cpu-emulation @debug @mount @obsolete @privileged @resources";
|
||||
};
|
||||
};
|
||||
|
||||
networking.firewall = mkIf cfg.openFirewall {
|
||||
allowedTCPPorts = [ 5357 ];
|
||||
allowedUDPPorts = [ 3702 ];
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -8,25 +8,23 @@ import ./make-test-python.nix ({ pkgs, ... }:
|
|||
client_wsdd = { pkgs, ... }: {
|
||||
services.samba-wsdd = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
interface = "eth1";
|
||||
workgroup = "WORKGROUP";
|
||||
hostname = "CLIENT-WSDD";
|
||||
discovery = true;
|
||||
extraOptions = [ "--no-host" ];
|
||||
};
|
||||
networking.firewall.allowedTCPPorts = [ 5357 ];
|
||||
networking.firewall.allowedUDPPorts = [ 3702 ];
|
||||
};
|
||||
|
||||
server_wsdd = { ... }: {
|
||||
services.samba-wsdd = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
interface = "eth1";
|
||||
workgroup = "WORKGROUP";
|
||||
hostname = "SERVER-WSDD";
|
||||
};
|
||||
networking.firewall.allowedTCPPorts = [ 5357 ];
|
||||
networking.firewall.allowedUDPPorts = [ 3702 ];
|
||||
};
|
||||
};
|
||||
|
||||
|
|
Loading…
Reference in a new issue