60 lines
1.4 KiB
Nix
60 lines
1.4 KiB
Nix
{ lib, ... }:
|
|
with lib;
|
|
with types;
|
|
{
|
|
# todo add remote command option
|
|
|
|
options.verify = mkOption {
|
|
default = { };
|
|
example = {
|
|
public = {
|
|
host = "example.com";
|
|
closedPorts = {
|
|
arr = [
|
|
7878
|
|
8989
|
|
8686
|
|
];
|
|
};
|
|
};
|
|
vpn = {
|
|
host = "10.1.1.100";
|
|
localCommands.arr = ''
|
|
echo "test arr with curl or something";
|
|
'';
|
|
};
|
|
};
|
|
description = ''
|
|
Verify that ports the defined ports are closed for a specific interface.
|
|
Verification is done by rustscan.
|
|
'';
|
|
type = attrsOf (submodule {
|
|
options = {
|
|
host = mkOption {
|
|
type = str;
|
|
description = ''
|
|
The host against which the rustscan will be done.
|
|
Needed because we have more than interface on the machine.
|
|
'';
|
|
};
|
|
closedPorts = mkOption {
|
|
default = { };
|
|
type = attrsOf (listOf int);
|
|
description = ''
|
|
service -> [port, ... ]
|
|
Ports that should be verified as beeing closed.
|
|
'';
|
|
};
|
|
localCommands = mkOption {
|
|
default = { };
|
|
type = attrsOf str;
|
|
description = ''
|
|
service -> command
|
|
command to run on local machine to test remote server.
|
|
'';
|
|
};
|
|
};
|
|
});
|
|
};
|
|
|
|
}
|