modules/router/upnp.nix at main · kitten.sh/system

kitten.sh / system

Personal Nix setup

system / modules / router / upnp.nix

at main 837 B view raw

 1{ lib, config, ... }:
 2
 3with lib;
 4let
 5  cfg = config.modules.router;
 6  extern = cfg.interfaces.external;
 7  intern = cfg.interfaces.internal;
 8in {
 9  options.modules.router = {
10    upnp = {
11      enable = mkOption {
12        default = false;
13        description = "Whether to enable UPNP";
14        type = types.bool;
15      };
16    };
17  };
18
19  config = mkIf (cfg.upnp.enable && intern != null) {
20    services.miniupnpd = {
21      enable = true;
22      upnp = true;
23      internalIPs = if intern != null then [ intern.name ] else [];
24      externalInterface = extern.name;
25      appendConfig = ''
26        secure_mode=yes
27        notify_interval=60
28        clean_ruleset_interval=600
29        uuid=78b8b903-83c1-4036-8fcd-f64aee25baca
30        allow 1024-65535 ${intern.cidr} 1024-65535
31        deny 0-65535 0.0.0.0/0 0-65535
32      '';
33    };
34  };
35}