54 lines
1.1 KiB
Nix
54 lines
1.1 KiB
Nix
|
{ lib, ... }:
|
||
|
with lib;
|
||
|
with types;
|
||
|
{
|
||
|
options.verify.closed = mkOption {
|
||
|
default = { };
|
||
|
example = {
|
||
|
public = {
|
||
|
domain = "example.com";
|
||
|
ports = {
|
||
|
arr = [
|
||
|
7878
|
||
|
8989
|
||
|
8686
|
||
|
];
|
||
|
};
|
||
|
};
|
||
|
work_vpn = {
|
||
|
domain = "10.1.1.100";
|
||
|
ports = {
|
||
|
arr = [
|
||
|
7878
|
||
|
8989
|
||
|
8686
|
||
|
];
|
||
|
};
|
||
|
};
|
||
|
};
|
||
|
description = ''
|
||
|
Verify that ports the defined ports are closed for a specific interface.
|
||
|
Verification is done by rustscan.
|
||
|
'';
|
||
|
type = attrsOf (submodule {
|
||
|
options = {
|
||
|
domain = mkOption {
|
||
|
type = str;
|
||
|
description = ''
|
||
|
The host against which the rustscan will be done.
|
||
|
Needed because we have more than interface on the machine.
|
||
|
'';
|
||
|
};
|
||
|
ports = mkOption {
|
||
|
default = { };
|
||
|
type = attrsOf (listOf int);
|
||
|
description = ''
|
||
|
service -> [port, ... ]
|
||
|
Ports that should be verified as beeing closed.
|
||
|
'';
|
||
|
};
|
||
|
};
|
||
|
});
|
||
|
};
|
||
|
}
|