feat(minecraft-servers): add openFirewall option

2022-02-27 14:19:28 -05:00 · 2022-02-27 14:19:28 -05:00 · 01d9dfa9e9
commit 01d9dfa9e9
parent 48428e8f9e
1 changed files with 21 additions and 0 deletions
--- a/modules/functionality/minecraft-servers.nix
+++ b/modules/functionality/minecraft-servers.nix
@ -8,6 +8,7 @@ in
  options.services.minecraft-servers = {
    enable = mkBoolOpt false;
    eula = mkBoolOpt false;
+    openFirewall = mkBoolOpt false;
    dataDir = mkOpt types.path "/srv/minecraft";

    servers = mkOption {
@ -18,6 +19,8 @@ in

          autoStart = mkBoolOpt true;

+          openFirewall = mkBoolOpt cfg.openFirewall;
+
          restart = mkOpt types.str "always";

          whitelist = mkOption {
@ -66,6 +69,24 @@ in
          }
        ];

+        networking.firewall =
+          let
+            toOpen = attrsets.filterAttrs (_: cfg: cfg.openFirewall) servers;
+            UDPPorts = attrsets.mapAttrsToList (name: conf: conf.serverProperties.server-port or 25565) toOpen;
+            TCPPorts = concatLists
+              (attrsets.mapAttrsToList
+                (name: conf: with conf;
+                (optional (serverProperties.enable-rcon or false) (serverProperties."rcon.port" or 25575)) ++
+                (optional (serverProperties.enable-query or false) (serverProperties."query.port" or 25565))
+                )
+                toOpen
+              );
+          in
+          rec {
+            allowedUDPPorts = UDPPorts;
+            allowedTCPPorts = UDPPorts ++ TCPPorts;
+          };
+
        systemd.services = attrsets.mapAttrs'
          (name: conf:
            let