refactor: modularize audio-prod, audio, wsl, wine, networking

2025-06-20 05:59:51 -07:00 · 2024-12-22 22:26:41 -08:00 · 2024-12-22 22:26:41 -08:00 · ee6f29eb57
commit ee6f29eb57
parent 5cbd9e60cb
9 changed files with 200 additions and 73 deletions
--- a/modules/linux/networking/default.nix
+++ b/modules/linux/networking/default.nix
@ -1,35 +1,53 @@
+{ lib, config, ... }:
 let
-  universalAllowedPorts = [
-    27016 # grim dawn
-    42805 # grim dawn
-    42852 # grim dawn
-    42872 # grim dawn
-    27015 # grim dawn
-    27036 # grim dawn
+  cfg = config.liminalOS.system.networking;

-    5173 # vite test server
-    4173 # vite test server
-  ];
+  universalAllowedPorts =
+    (lib.optionals cfg.firewallPresets.grimDawn [
+      27016 # grim dawn
+      42805 # grim dawn
+      42852 # grim dawn
+      42872 # grim dawn
+      27015 # grim dawn
+      27036 # grim dawn
+    ])
+    ++ (lib.optionals cfg.firewallPresets.vite [
+      5173 # vite test server
+      4173 # vite test server
+    ]);
  universalAllowedRanges = [ ];
 in
 {
-  services.openssh.enable = true;
-
-  networking.firewall = {
-    enable = true;
-    allowedTCPPorts = universalAllowedPorts;
-    allowedUDPPorts = universalAllowedPorts;
-    allowedUDPPortRanges = universalAllowedRanges ++ [
-      {
-        from = 27031;
-        to = 27036;
-      }
-    ];
-    allowedTCPPortRanges = universalAllowedRanges;
+  options.liminalOS.system.networking = {
+    enable = lib.mkEnableOption "networking";
+    firewallPresets = {
+      grimDawn = lib.mkEnableOption "firewall ports for Grim Dawn";
+      vite = lib.mkEnableOption "firewall ports for Vite";
+    };
+    cloudflareNameservers.enable = lib.mkEnableOption "Cloudflare DNS servers";
  };

-  networking.nameservers = [
-    "1.1.1.1"
-    "1.0.0.1"
-  ];
+  config = lib.mkIf cfg.enable {
+    services.openssh.enable = true;
+
+    networking.firewall = {
+      enable = true;
+      allowedTCPPorts = universalAllowedPorts;
+      allowedUDPPorts = universalAllowedPorts;
+      allowedUDPPortRanges =
+        universalAllowedRanges
+        ++ (lib.optionals cfg.firewallPresets.grimDawn [
+          {
+            from = 27031;
+            to = 27036;
+          }
+        ]);
+      allowedTCPPortRanges = universalAllowedRanges;
+    };
+
+    networking.nameservers = lib.mkIf cfg.cloudflareNameservers.enable [
+      "1.1.1.1"
+      "1.0.0.1"
+    ];
+  };
 }