mirror of
https://github.com/LnL7/nix-darwin.git
synced 2025-03-13 20:30:02 +00:00
adds com.apple.alf
This commit is contained in:
parent
47a7731943
commit
400a367d4e
3 changed files with 73 additions and 1 deletions
|
@ -14,6 +14,7 @@
|
|||
./system/defaults/dock.nix
|
||||
./system/defaults/finder.nix
|
||||
./system/defaults/screencapture.nix
|
||||
./system/defaults/alf.nix
|
||||
./system/defaults/smb.nix
|
||||
./system/defaults/trackpad.nix
|
||||
./system/etc.nix
|
||||
|
|
|
@ -26,6 +26,7 @@ let
|
|||
LaunchServices = defaultsToList "com.apple.LaunchServices" cfg.LaunchServices;
|
||||
dock = defaultsToList "com.apple.dock" cfg.dock;
|
||||
finder = defaultsToList "com.apple.finder" cfg.finder;
|
||||
alf = defaultsToList "/Library/Preferences/com.apple.alf" cfg.alf;
|
||||
smb = defaultsToList "/Library/Preferences/SystemConfiguration/com.apple.smb.server" cfg.smb;
|
||||
screencapture = defaultsToList "com.apple.screencapture" cfg.screencapture;
|
||||
trackpad = defaultsToList "com.apple.AppleMultitouchTrackpad" cfg.trackpad;
|
||||
|
@ -37,10 +38,11 @@ in
|
|||
{
|
||||
config = {
|
||||
|
||||
system.activationScripts.defaults.text = mkIfAttrs [ smb ]
|
||||
system.activationScripts.defaults.text = mkIfAttrs [ alf smb ]
|
||||
''
|
||||
# Set defaults
|
||||
echo >&2 "system defaults..."
|
||||
${concatStringsSep "\n" alf}
|
||||
${concatStringsSep "\n" smb}
|
||||
'';
|
||||
|
||||
|
|
69
modules/system/defaults/alf.nix
Normal file
69
modules/system/defaults/alf.nix
Normal file
|
@ -0,0 +1,69 @@
|
|||
{ config, lib, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
{
|
||||
options = {
|
||||
system.defaults.alf.globalstate = mkOption {
|
||||
type = types.nullOr types.int;
|
||||
default = null;
|
||||
description = ''
|
||||
# Apple menu > System Preferences > Security and Privacy > Firewall
|
||||
Enable the internal firewall to prevent unauthorised applications, programs
|
||||
and services from accepting incoming connections.
|
||||
|
||||
0 = disabled
|
||||
1 = enabled
|
||||
2 = blocks all connections except for essential services
|
||||
'';
|
||||
};
|
||||
|
||||
system.defaults.alf.allowsignedenabled = mkOption {
|
||||
type = types.nullOr types.int;
|
||||
default = null;
|
||||
description = ''
|
||||
# Apple menu > System Preferences > Security and Privacy > Firewall
|
||||
Allows any signed Application to accept incoming requests. Default is true.
|
||||
|
||||
0 = disabled
|
||||
1 = enabled
|
||||
'';
|
||||
};
|
||||
|
||||
system.defaults.alf.allowdownloadsignedenabled = mkOption {
|
||||
type = types.nullOr types.int;
|
||||
default = null;
|
||||
description = ''
|
||||
# Apple menu > System Preferences > Security and Privacy > Firewall
|
||||
Allows any downloaded Application that has been signed to accept incoming requests. Default is 0.
|
||||
|
||||
0 = disabled
|
||||
1 = enabled
|
||||
'';
|
||||
};
|
||||
|
||||
system.defaults.alf.loggingenabled = mkOption {
|
||||
type = types.nullOr types.int;
|
||||
default = null;
|
||||
description = ''
|
||||
# Apple menu > System Preferences > Security and Privacy > Firewall
|
||||
Enable logging of requests made to the firewall. Default is 0.
|
||||
|
||||
0 = disabled
|
||||
1 = enabled
|
||||
'';
|
||||
};
|
||||
|
||||
system.defaults.alf.stealthenabled = mkOption {
|
||||
type = types.nullOr types.int;
|
||||
default = null;
|
||||
description = ''
|
||||
# Apple menu > System Preferences > Security and firewall
|
||||
Drops incoming requests via ICMP such as ping requests. Default is 0.
|
||||
|
||||
0 = disabled
|
||||
1 = enabled
|
||||
'';
|
||||
};
|
||||
};
|
||||
}
|
Loading…
Add table
Reference in a new issue