1
1
Fork 0
This commit is contained in:
Tim Van Baak 2024-04-13 04:49:34 +00:00
parent db3df565d5
commit 2d87009561
1 changed files with 16 additions and 12 deletions

View File

@ -4,6 +4,7 @@ with lib;
let
cfg = config.services.syncthings;
enabledInstances = filterAttrs (n: v: v.enable) cfg.instances;
opt = options.services.syncthings;
defaultUser = "syncthing";
defaultGroup = defaultUser;
@ -574,19 +575,23 @@ in {
'';
};
openDefaultPorts = mkOption {
openPorts = mkOption {
type = types.bool;
default = false;
example = true;
description = lib.mdDoc ''
Whether to open the default ports in the firewall: TCP/UDP 22000 for transfers
and UDP 21027 for discovery.
description = mdDoc "Whether to open the transfer port and discovery port in the firewall.";
};
If multiple users are running Syncthing on this machine, you will need
to manually open a set of ports for each instance and leave this disabled.
Alternatively, if you are running only a single instance on this machine
using the default ports, enable this.
'';
transferPort = mkOption {
type = types.port;
example = 22000;
description = mdDoc "The TCP/UDP port for transfers.";
};
discoveryPort = mkOption {
type = types.port;
example = 21027;
description = mdDoc "The UDP port for discovery.";
};
package = mkOption {
@ -605,9 +610,8 @@ in {
###### implementation
config = mkIf cfg.enable {
networking.firewall = mkIf cfg.openDefaultPorts {
config = mkIf (enabledInstances != {}) {
networking.firewall = {
allowedTCPPorts = [ 22000 ];
allowedUDPPorts = [ 21027 22000 ];
};