nixos-config/nixos/modules/networking/ports.nix

{ config, lib, ... }:
with lib;
let
  cfg = config.networking.ports;
  noCollision = l: length (unique l) == length l;
in
{
  options.networking.ports = mkOption {
    type = with types; attrsOf port;
    default = {
      # standard ports
      smtp = 25;
      dns = 53;
      http = 80;
      https = 443;
      smtp-tls = 465;
      smtp-submission = 587;
      imap-tls = 993;
      socks = 1080;
      ssh = 2222;

      # local ports
      enthalpy-gost = 3000;
      ntfy = 4000;
      keycloak = 4010;
      miniflux = 4020;
      matrix-synapse = 4030;
      heisenbridge = 4031;
      mautrix-telegram = 4032;
      rspamd-controller = 4040;
      rspamd-redis = 4041;
      caddy-admin = 4050;
      prometheus = 4060;
      prometheus-alertmanager = 4061;
      prometheus-node-exporter = 4070;
      prometheus-blackbox-exporter = 4071;
      prometheus-ping-exporter = 4072;
      vaultwarden = 4080;

      # public ports
      enthalpy-wireguard-reimu-aston = 13101;
      enthalpy-ipsec = 14000;
    };
    readOnly = true;
    description = ''
      A mapping of network ports, each identified by a unique name.
    '';
  };

  config = {
    assertions = singleton {
      assertion = noCollision (attrValues cfg);
      message = "port collision";
    };
  };
}
treewide: init flakes 2024-11-28 01:14:34 +08:00			`{ config, lib, ... }:`
			`with lib;`
			`let`
			`cfg = config.networking.ports;`
			`noCollision = l: length (unique l) == length l;`
			`in`
			`{`
			`options.networking.ports = mkOption {`
			`type = with types; attrsOf port;`
			`default = {`
networking/netns: clean up 2024-12-07 02:08:39 +08:00			`# standard ports`
services/mail: init postfix, dovecot and rspamd 2024-12-19 21:26:19 +08:00			`smtp = 25;`
system/boot: increase maximum buffer size References: https://github.com/quic-go/quic-go/wiki/UDP-Buffer-Sizes 2024-12-20 16:06:23 +08:00			`dns = 53;`
treewide: init flakes 2024-11-28 01:14:34 +08:00			`http = 80;`
			`https = 443;`
services/mail: init postfix, dovecot and rspamd 2024-12-19 21:26:19 +08:00			`smtp-tls = 465;`
system/boot: increase maximum buffer size References: https://github.com/quic-go/quic-go/wiki/UDP-Buffer-Sizes 2024-12-20 16:06:23 +08:00			`smtp-submission = 587;`
services/mail: init postfix, dovecot and rspamd 2024-12-19 21:26:19 +08:00			`imap-tls = 993;`
networking/netns: clean up 2024-12-07 02:08:39 +08:00			`socks = 1080;`
treewide: init flakes 2024-11-28 01:14:34 +08:00			`ssh = 2222;`

networking/netns: clean up 2024-12-07 02:08:39 +08:00			`# local ports`
			`enthalpy-gost = 3000;`
services/ntfy: init 2024-12-15 01:20:55 +08:00			`ntfy = 4000;`
services/keycloak: init 2024-12-15 02:52:27 +08:00			`keycloak = 4010;`
services/miniflux: init 2024-12-17 16:32:59 +08:00			`miniflux = 4020;`
services/matrix-synapse: init 2024-12-18 16:36:47 +08:00			`matrix-synapse = 4030;`
services/matrix: init heisenbridge 2024-12-18 18:54:19 +08:00			`heisenbridge = 4031;`
services/matrix: init mautrix-telegram 2024-12-19 00:09:09 +08:00			`mautrix-telegram = 4032;`
services/mail: init postfix, dovecot and rspamd 2024-12-19 21:26:19 +08:00			`rspamd-controller = 4040;`
			`rspamd-redis = 4041;`
system/boot: increase maximum buffer size References: https://github.com/quic-go/quic-go/wiki/UDP-Buffer-Sizes 2024-12-20 16:06:23 +08:00			`caddy-admin = 4050;`
services/prometheus: init metrics 2024-12-21 20:04:41 +08:00			`prometheus = 4060;`
services/prometheus: setup alertmanager with ntfy 2024-12-22 17:17:07 +08:00			`prometheus-alertmanager = 4061;`
services/prometheus: init metrics 2024-12-21 20:04:41 +08:00			`prometheus-node-exporter = 4070;`
services/prometheus: add blackbox exporter for dns_soa and http check 2024-12-22 16:34:00 +08:00			`prometheus-blackbox-exporter = 4071;`
services/prometheus: collect ping metrics in enthalpy network 2024-12-22 23:41:00 +08:00			`prometheus-ping-exporter = 4072;`
services/vaultwarden: init 2025-01-01 20:11:47 +08:00			`vaultwarden = 4080;`
networking/netns: clean up 2024-12-07 02:08:39 +08:00
			`# public ports`
hosts/flandre-m5p: experimenting with wireguard in enthalpy network 2024-12-13 18:02:22 +08:00			`enthalpy-wireguard-reimu-aston = 13101;`
networking/ports: update enthalpy-ipsec port to 14000 2024-12-21 13:36:14 +08:00			`enthalpy-ipsec = 14000;`
treewide: init flakes 2024-11-28 01:14:34 +08:00			`};`
			`readOnly = true;`
			`description = ''`
			`A mapping of network ports, each identified by a unique name.`
			`'';`
			`};`

			`config = {`
			`assertions = singleton {`
			`assertion = noCollision (attrValues cfg);`
			`message = "port collision";`
			`};`
			`};`
			`}`