| 
									
										
										
										
											2015-12-08 10:40:43 +01:00
										 |  |  | { config, lib, pkgs, ... }: | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | with lib; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | let | 
					
						
							|  |  |  |   cfg = config.services.miniupnpd; | 
					
						
							|  |  |  |   configFile = pkgs.writeText "miniupnpd.conf" ''
 | 
					
						
							|  |  |  |     ext_ifname=${cfg.externalInterface} | 
					
						
							|  |  |  |     enable_natpmp=${if cfg.natpmp then "yes" else "no"} | 
					
						
							|  |  |  |     enable_upnp=${if cfg.upnp then "yes" else "no"} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     ${concatMapStrings (range: ''
 | 
					
						
							|  |  |  |       listening_ip=${range} | 
					
						
							|  |  |  |     '') cfg.internalIPs}
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     ${cfg.appendConfig} | 
					
						
							|  |  |  |   '';
 | 
					
						
							|  |  |  | in | 
					
						
							|  |  |  | { | 
					
						
							|  |  |  |   options = { | 
					
						
							|  |  |  |     services.miniupnpd = { | 
					
						
							|  |  |  |       enable = mkEnableOption "MiniUPnP daemon"; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |       externalInterface = mkOption { | 
					
						
							|  |  |  |         type = types.str; | 
					
						
							|  |  |  |         description = ''
 | 
					
						
							|  |  |  |           Name of the external interface. | 
					
						
							|  |  |  |         '';
 | 
					
						
							|  |  |  |       }; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |       internalIPs = mkOption { | 
					
						
							|  |  |  |         type = types.listOf types.str; | 
					
						
							| 
									
										
										
										
											2015-12-13 16:43:31 +01:00
										 |  |  |         example = [ "192.168.1.1/24" "enp1s0" ]; | 
					
						
							| 
									
										
										
										
											2015-12-08 10:40:43 +01:00
										 |  |  |         description = ''
 | 
					
						
							|  |  |  |           The IP address ranges to listen on. | 
					
						
							|  |  |  |         '';
 | 
					
						
							|  |  |  |       }; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |       natpmp = mkEnableOption "NAT-PMP support"; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |       upnp = mkOption { | 
					
						
							|  |  |  |         default = true; | 
					
						
							|  |  |  |         type = types.bool; | 
					
						
							|  |  |  |         description = ''
 | 
					
						
							|  |  |  |           Whether to enable UPNP support. | 
					
						
							|  |  |  |         '';
 | 
					
						
							|  |  |  |       }; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |       appendConfig = mkOption { | 
					
						
							|  |  |  |         type = types.lines; | 
					
						
							|  |  |  |         default = ""; | 
					
						
							|  |  |  |         description = ''
 | 
					
						
							|  |  |  |           Configuration lines appended to the MiniUPnP config. | 
					
						
							|  |  |  |         '';
 | 
					
						
							|  |  |  |       }; | 
					
						
							|  |  |  |     }; | 
					
						
							|  |  |  |   }; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |   config = mkIf cfg.enable { | 
					
						
							| 
									
										
										
										
											2015-12-13 16:43:31 +01:00
										 |  |  |     networking.firewall.extraCommands = ''
 | 
					
						
							| 
									
										
										
										
											2018-09-15 15:08:18 +02:00
										 |  |  |       ${pkgs.bash}/bin/bash -x ${pkgs.miniupnpd}/etc/miniupnpd/iptables_init.sh -i ${cfg.externalInterface} | 
					
						
							| 
									
										
										
										
											2015-12-13 16:43:31 +01:00
										 |  |  |     '';
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     networking.firewall.extraStopCommands = ''
 | 
					
						
							| 
									
										
										
										
											2018-09-15 15:08:18 +02:00
										 |  |  |       ${pkgs.bash}/bin/bash -x ${pkgs.miniupnpd}/etc/miniupnpd/iptables_removeall.sh -i ${cfg.externalInterface} | 
					
						
							| 
									
										
										
										
											2015-12-13 16:43:31 +01:00
										 |  |  |     '';
 | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2015-12-08 10:40:43 +01:00
										 |  |  |     systemd.services.miniupnpd = { | 
					
						
							|  |  |  |       description = "MiniUPnP daemon"; | 
					
						
							|  |  |  |       after = [ "network.target" ]; | 
					
						
							|  |  |  |       wantedBy = [ "multi-user.target" ]; | 
					
						
							|  |  |  |       serviceConfig = { | 
					
						
							| 
									
										
										
										
											2015-12-13 16:43:31 +01:00
										 |  |  |         ExecStart = "${pkgs.miniupnpd}/bin/miniupnpd -f ${configFile}"; | 
					
						
							| 
									
										
										
										
											2018-12-19 22:40:21 +01:00
										 |  |  |         PIDFile = "/run/miniupnpd.pid"; | 
					
						
							| 
									
										
										
										
											2015-12-13 16:43:31 +01:00
										 |  |  |         Type = "forking"; | 
					
						
							| 
									
										
										
										
											2015-12-08 10:40:43 +01:00
										 |  |  |       }; | 
					
						
							|  |  |  |     }; | 
					
						
							|  |  |  |   }; | 
					
						
							|  |  |  | } |