Unverified Commit d31cbb78 authored by Christina Sørensen's avatar Christina Sørensen
Browse files

nixos/dockerRegistry: add `openFirewall` option 



Signed-off-by: default avatarChristina Sørensen <christina@cafkafk.com>
parent fdfe8b3a

nixos/modules/services/misc/docker-registry.nix

+10 −0
Original line number Diff line number Diff line
@@ -63,6 +63,12 @@ in { 
      type = types.port;

    };



    openFirewall = mkOption {

      type = types.bool;

      default = false;

      description = lib.mdDoc "Opens the port used by the firewall.";

    };



    storagePath = mkOption {

      type = types.nullOr types.path;

      default = "/var/lib/docker-registry";
@@ -154,5 +160,9 @@ in { 
        isSystemUser = true;

      };

    users.groups.docker-registry = {};



    networking.firewall = mkIf cfg.openFirewall {

      allowedTCPPorts = [ cfg.port ];

    };

  };

}

nixos/tests/docker-registry.nix

+1 −1
Original line number Diff line number Diff line
@@ -13,7 +13,7 @@ import ./make-test-python.nix ({ pkgs, ...} : { 
      services.dockerRegistry.port = 8080;

      services.dockerRegistry.listenAddress = "0.0.0.0";

      services.dockerRegistry.enableGarbageCollect = true;

      networking.firewall.allowedTCPPorts = [ 8080 ];

      services.dockerRegistry.openFirewall = true;

    };



    client1 = { ... }: {