firewall/hetzner/default.nix at main · ptr.pet/nixos-cloud-resources

nixos modules for convenient deployment of cloud resources

nixos-cloud-resources / firewall / hetzner / default.nix

at main 951 B view raw

 1{lib, config, ...}: let
 2  l = lib;
 3  t = l.types;
 4  taggedPorts = config.networking.firewall.public;
 5  cfg = config.providers.hetzner.firewall;
 6in {
 7  options = {
 8    providers.hetzner.firewall = {
 9      enable = l.mkEnableOption "hetzner firewall";
10      id = l.mkOption {
11        type = t.ints.unsigned;
12        description = "The ID of the firewall to update.";
13      };
14      mkApp = l.mkOption {
15        type = t.functionTo t.package;
16        readOnly = true;
17        description = ''
18          Function that generates a script for this provider, pass it an instance of nixpkgs and run to apply the configuration.
19
20          For this app to work, you need to set the `HETZNER_API_TOKEN` environment variable to a valid API token from Hetzner.
21        '';
22      };
23    };
24  };
25
26  config = l.mkIf cfg.enable {
27    providers.hetzner.firewall.mkApp = pkgs: import ./app.nix {
28      inherit pkgs lib taggedPorts;
29      inherit (cfg) id;
30    };
31  };
32}