movefasta/nixpkgs
0
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-07-12 05:16:25 +03:00
Code Activity

sshd: provide option to disable firewall altering

Browse source
This commit is contained in:
Leon Schuermann 2018-01-18 21:24:36 +07:00 committed by adisbladis
parent 0b559ed1cd
commit c61a9dfd2e
No known key found for this signature in database
GPG key ID: ED58F95069B004F5
1 changed files with 10 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

10
nixos/modules/services/networking/ssh/sshd.nix
View file

@ -137,6 +137,14 @@ in
'';
};
openFirewall = mkOption {
type = types.bool;
default = true;
description = ''
Whether to automatically open the specified ports in the firewall.
'';
};
listenAddresses = mkOption {
type = with types; listOf (submodule {
options = {
@ -302,7 +310,7 @@ in
};
networking.firewall.allowedTCPPorts = cfg.ports;
networking.firewall.allowedTCPPorts = if cfg.openFirewall then cfg.ports else [];
security.pam.services.sshd =
{ startSession = true;