📝 add documentation to verify flake module

Ingolf Wagner 2024-09-15 05:31:47 +07:00
parent 577003f607
commit c264db7f13
No known key found for this signature in database
GPG key ID: 76BF5F1928B9618B
4 changed files with 62 additions and 29 deletions


@ -3,7 +3,7 @@
imports = [ ]; imports = [ ];
flake.nixosModules.verify = { flake.nixosModules.verify = {
imports = [ ./module.nix ]; imports = [ ./modules ];
}; };
perSystem = perSystem =


@ -1,28 +0,0 @@
{ lib, ... }:
with lib;
with types;
{
# todo add commad option
# todo add remote command option
options.verify.closed = mkOption {
default = { };
type = attrsOf (submodule {
options = {
domain = mkOption {
type = str;
description = ''
domain to scan
'';
};
# todo: make this an attrs so I know why port xyz should be closed.
ports = mkOption {
default = { };
type = attrsOf (listOf int);
description = ''
ports that should be closed
'';
};
};
});
};
}


@ -0,0 +1,53 @@
{ lib, ... }:
with lib;
with types;
{
options.verify.closed = mkOption {
default = { };
example = {
public = {
domain = "example.com";
ports = {
arr = [
7878
8989
8686
];
};
};
work_vpn = {
domain = "10.1.1.100";
ports = {
arr = [
7878
8989
8686
];
};
};
};
description = ''
Verify that ports the defined ports are closed for a specific interface.
Verification is done by rustscan.
'';
type = attrsOf (submodule {
options = {
domain = mkOption {
type = str;
description = ''
The host against which the rustscan will be done.
Needed because we have more than interface on the machine.
'';
};
ports = mkOption {
default = { };
type = attrsOf (listOf int);
description = ''
service -> [port, ... ]
Ports that should be verified as beeing closed.
'';
};
};
});
};
}
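Review bot: `ports` is typed `attrsOf (listOf int)`, so any integer, negative or above 65535, passes evaluation and only surfaces as a problem when the scan runs; `type = attrsOf (listOf port);` would reject such values at evaluation time. `domain` is likewise a free-form `str`. How it reaches rustscan is not visible in this commit, so if it is interpolated into a shell command it should go through `lib.escapeShellArg`. The new description strings also carry typos worth fixing while they are being written: `Verify that the defined ports are closed for a specific interface.`, `more than one interface`, and `being`.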


@ -0,0 +1,8 @@
{ lib, ... }:
with lib;
with types;
{
# todo add commad option
# todo add remote command option
imports = [ ./closed.nix ];
}
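Review bot: The `{ lib, ... }:` argument and the `with lib; with types;` lines are unused in this file, since the body only declares `imports`. The module could be reduced to `{ imports = [ ./closed.nix ]; }` with the two todo comments kept above it. The first todo also has a typo and should read `# todo add command option`.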