From 18c404a5d6539a7641801282963b8bae7c424a4f Mon Sep 17 00:00:00 2001
From: Jean-Paul Calderone <exarkun@twistedmatrix.com>
Date: Thu, 5 Sep 2019 09:02:38 -0400
Subject: [PATCH] Define options for public IPv4 and port number.

Also open the firewall!  Yea.  That is a pretty important thing.
---
 nixos/modules/private-storage.nix | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/nixos/modules/private-storage.nix b/nixos/modules/private-storage.nix
index 00065052..dc83150f 100644
--- a/nixos/modules/private-storage.nix
+++ b/nixos/modules/private-storage.nix
@@ -33,6 +33,22 @@ in
         The package to use for the Tahoe-LAFS daemon.
       '';
     };
+    services.private-storage.publicIPv4 = lib.mkOption
+    { default = "127.0.0.1";
+      type = lib.types.str;
+      example = lib.literalExample "192.0.2.0";
+      description = ''
+        An IPv4 address to advertise for this storage service.
+      '';
+    };
+    services.private-storage.publicStoragePort = lib.mkOption
+    { default = 8898;
+      type = lib.types.int;
+      example = lib.literalExample 8098;
+      description = ''
+        The port number on which to service storage clients.
+      '';
+    };
   };
   config = lib.mkIf cfg.enable
   { services.tahoe.nodes."storage" =
@@ -42,6 +58,8 @@ in
         # XXX Should try to name that is unique across the grid.
         { nickname = "storage";
           "web.port" = "tcp:3456:interface=127.0.0.1";
+          "tub.port" = "tcp:${toString cfg.publicStoragePort}";
+          "tub.location" = "tcp:${cfg.publicIPv4}:${toString cfg.publicStoragePort}";
         };
         storage =
         { enabled = true;
@@ -52,5 +70,7 @@ in
         };
       };
     };
+    networking.firewall.allowedTCPPorts = [ cfg.publicStoragePort ];
+
   };
 }
-- 
GitLab