gensokyo-zone/infrastructure
1
0
Fork 0
mirror of https://github.com/gensokyo-zone/infrastructure.git synced 2026-02-09 12:29:19 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions
infrastructure/nixos/unifi.nix
arcnmx 439674d510 refactor: more shared data
2024-03-05 14:34:58 -08:00

37 lines
873 B
Nix
Raw Blame History

{
pkgs,
config,
lib,
...
}: let
inherit (lib.modules) mkIf mkMerge mkDefault;
cfg = config.services.unifi;
in {
services.unifi = {
enable = mkDefault true;
unifiPackage = mkDefault pkgs.unifi8;
};
networking.firewall.interfaces.local = mkIf cfg.enable {
allowedTCPPorts = mkMerge [
[
8443 # remote login
]
(mkIf (!cfg.openFirewall) [
8080 # Port for UAP to inform controller.
8880 # Port for HTTP portal redirect, if guest portal is enabled.
8843 # Port for HTTPS portal redirect, ditto.
6789 # Port for UniFi mobile speed test.
])
];
allowedUDPPorts = mkIf (!cfg.openFirewall) [
3478 # UDP port used for STUN.
10001 # UDP port used for device discovery.
];
};
users = mkIf cfg.enable {
users.unifi.uid = 990;
groups.unifi.gid = 990;
};
}
Reference in a new issue View git blame Copy permalink