cafkafk/nixpkgs
cafkafk/nixpkgs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 2

Merge pull request #136270 from lovesegfault/roon-firewall

Browse source 
roon-{bridge,server}: fix openFirewall
This commit is contained in:
Bernardo Meurer 2021-08-31 09:09:32 +00:00 committed by GitHub
commit 1392ff98cc
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 16 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
nixos/modules/services/audio/roon-bridge.nix
View file

@ -14,9 +14,6 @@ in {
default = false;
description = ''
Open ports in the firewall for the bridge.
UDP: 9003
TCP: 9100 - 9200
'';
};
user = mkOption {
@ -54,10 +51,15 @@ in {
};
networking.firewall = mkIf cfg.openFirewall {
allowedTCPPortRanges = [
{ from = 9100; to = 9200; }
];
allowedTCPPortRanges = [{ from = 9100; to = 9200; }];
allowedUDPPorts = [ 9003 ];
extraCommands = ''
iptables -A INPUT -s 224.0.0.0/4 -j ACCEPT
iptables -A INPUT -d 224.0.0.0/4 -j ACCEPT
iptables -A INPUT -s 240.0.0.0/5 -j ACCEPT
iptables -A INPUT -m pkttype --pkt-type multicast -j ACCEPT
iptables -A INPUT -m pkttype --pkt-type broadcast -j ACCEPT
'';
};

14
nixos/modules/services/audio/roon-server.nix
View file

@ -14,9 +14,6 @@ in {
default = false;
description = ''
Open ports in the firewall for the server.
UDP: 9003
TCP: 9100 - 9200
'';
};
user = mkOption {
@ -54,10 +51,15 @@ in {
};
networking.firewall = mkIf cfg.openFirewall {
allowedTCPPortRanges = [
{ from = 9100; to = 9200; }
];
allowedTCPPortRanges = [{ from = 9100; to = 9200; }];
allowedUDPPorts = [ 9003 ];
extraCommands = ''
iptables -A INPUT -s 224.0.0.0/4 -j ACCEPT
iptables -A INPUT -d 224.0.0.0/4 -j ACCEPT
iptables -A INPUT -s 240.0.0.0/5 -j ACCEPT
iptables -A INPUT -m pkttype --pkt-type multicast -j ACCEPT
iptables -A INPUT -m pkttype --pkt-type broadcast -j ACCEPT
'';
};