2024-09-15 00:31:47 +02:00
|
|
|
{ lib, ... }:
|
|
|
|
with lib;
|
|
|
|
with types;
|
|
|
|
{
|
2024-09-15 01:32:21 +02:00
|
|
|
# todo add remote command option
|
|
|
|
|
2024-09-15 00:31:47 +02:00
|
|
|
options.verify.closed = mkOption {
|
|
|
|
default = { };
|
|
|
|
example = {
|
|
|
|
public = {
|
2024-09-15 01:09:53 +02:00
|
|
|
host = "example.com";
|
2024-09-15 00:31:47 +02:00
|
|
|
ports = {
|
|
|
|
arr = [
|
|
|
|
7878
|
|
|
|
8989
|
|
|
|
8686
|
|
|
|
];
|
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
|
|
|
description = ''
|
|
|
|
Verify that ports the defined ports are closed for a specific interface.
|
|
|
|
Verification is done by rustscan.
|
|
|
|
'';
|
|
|
|
type = attrsOf (submodule {
|
|
|
|
options = {
|
2024-09-15 01:09:53 +02:00
|
|
|
host = mkOption {
|
2024-09-15 00:31:47 +02:00
|
|
|
type = str;
|
|
|
|
description = ''
|
|
|
|
The host against which the rustscan will be done.
|
|
|
|
Needed because we have more than interface on the machine.
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
ports = mkOption {
|
|
|
|
default = { };
|
|
|
|
type = attrsOf (listOf int);
|
|
|
|
description = ''
|
|
|
|
service -> [port, ... ]
|
|
|
|
Ports that should be verified as beeing closed.
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
};
|
|
|
|
});
|
|
|
|
};
|
2024-09-15 01:32:21 +02:00
|
|
|
|
2024-09-15 00:31:47 +02:00
|
|
|
}
|