From 01d9dfa9e91443d278ffafe1537685f44689e26c Mon Sep 17 00:00:00 2001
From: Infinidoge <infinidoge@inx.moe>
Date: Sun, 27 Feb 2022 14:19:28 -0500
Subject: [PATCH] feat(minecraft-servers): add openFirewall option

---
 modules/functionality/minecraft-servers.nix | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/modules/functionality/minecraft-servers.nix b/modules/functionality/minecraft-servers.nix
index 905ccfc..49eb9a8 100644
--- a/modules/functionality/minecraft-servers.nix
+++ b/modules/functionality/minecraft-servers.nix
@@ -8,6 +8,7 @@ in
   options.services.minecraft-servers = {
     enable = mkBoolOpt false;
     eula = mkBoolOpt false;
+    openFirewall = mkBoolOpt false;
     dataDir = mkOpt types.path "/srv/minecraft";
 
     servers = mkOption {
@@ -18,6 +19,8 @@ in
 
           autoStart = mkBoolOpt true;
 
+          openFirewall = mkBoolOpt cfg.openFirewall;
+
           restart = mkOpt types.str "always";
 
           whitelist = mkOption {
@@ -66,6 +69,24 @@ in
           }
         ];
 
+        networking.firewall =
+          let
+            toOpen = attrsets.filterAttrs (_: cfg: cfg.openFirewall) servers;
+            UDPPorts = attrsets.mapAttrsToList (name: conf: conf.serverProperties.server-port or 25565) toOpen;
+            TCPPorts = concatLists
+              (attrsets.mapAttrsToList
+                (name: conf: with conf;
+                (optional (serverProperties.enable-rcon or false) (serverProperties."rcon.port" or 25575)) ++
+                (optional (serverProperties.enable-query or false) (serverProperties."query.port" or 25565))
+                )
+                toOpen
+              );
+          in
+          rec {
+            allowedUDPPorts = UDPPorts;
+            allowedTCPPorts = UDPPorts ++ TCPPorts;
+          };
+
         systemd.services = attrsets.mapAttrs'
           (name: conf:
             let