39 lines
448 B
Nix
39 lines
448 B
Nix
{
|
|
config,
|
|
lib,
|
|
...
|
|
}:
|
|
let
|
|
inherit (config.machine.prosody)
|
|
enable
|
|
;
|
|
in
|
|
with lib;
|
|
mkIf enable {
|
|
networking.firewall = {
|
|
allowedTCPPorts = [
|
|
# HTTP filer
|
|
80
|
|
443
|
|
|
|
# C2S
|
|
5222
|
|
5223
|
|
|
|
# S2S
|
|
5269
|
|
5270
|
|
|
|
# WebSockets / BOSH
|
|
5280
|
|
5281
|
|
]
|
|
++ concatLists (
|
|
with config.services.prosody;
|
|
[
|
|
httpPorts
|
|
httpsPorts
|
|
]
|
|
);
|
|
};
|
|
}
|