1
0
Fork 0
mirror of https://github.com/LnL7/nix-darwin.git synced 2025-03-13 20:30:02 +00:00

adds com.apple.alf

This commit is contained in:
Simon Holywell 2019-11-04 13:56:21 +10:00
parent 47a7731943
commit 400a367d4e
No known key found for this signature in database
GPG key ID: 3346447094AB9095
3 changed files with 73 additions and 1 deletions

View file

@ -14,6 +14,7 @@
./system/defaults/dock.nix
./system/defaults/finder.nix
./system/defaults/screencapture.nix
./system/defaults/alf.nix
./system/defaults/smb.nix
./system/defaults/trackpad.nix
./system/etc.nix

View file

@ -26,6 +26,7 @@ let
LaunchServices = defaultsToList "com.apple.LaunchServices" cfg.LaunchServices;
dock = defaultsToList "com.apple.dock" cfg.dock;
finder = defaultsToList "com.apple.finder" cfg.finder;
alf = defaultsToList "/Library/Preferences/com.apple.alf" cfg.alf;
smb = defaultsToList "/Library/Preferences/SystemConfiguration/com.apple.smb.server" cfg.smb;
screencapture = defaultsToList "com.apple.screencapture" cfg.screencapture;
trackpad = defaultsToList "com.apple.AppleMultitouchTrackpad" cfg.trackpad;
@ -37,10 +38,11 @@ in
{
config = {
system.activationScripts.defaults.text = mkIfAttrs [ smb ]
system.activationScripts.defaults.text = mkIfAttrs [ alf smb ]
''
# Set defaults
echo >&2 "system defaults..."
${concatStringsSep "\n" alf}
${concatStringsSep "\n" smb}
'';

View file

@ -0,0 +1,69 @@
{ config, lib, ... }:
with lib;
{
options = {
system.defaults.alf.globalstate = mkOption {
type = types.nullOr types.int;
default = null;
description = ''
# Apple menu > System Preferences > Security and Privacy > Firewall
Enable the internal firewall to prevent unauthorised applications, programs
and services from accepting incoming connections.
0 = disabled
1 = enabled
2 = blocks all connections except for essential services
'';
};
system.defaults.alf.allowsignedenabled = mkOption {
type = types.nullOr types.int;
default = null;
description = ''
# Apple menu > System Preferences > Security and Privacy > Firewall
Allows any signed Application to accept incoming requests. Default is true.
0 = disabled
1 = enabled
'';
};
system.defaults.alf.allowdownloadsignedenabled = mkOption {
type = types.nullOr types.int;
default = null;
description = ''
# Apple menu > System Preferences > Security and Privacy > Firewall
Allows any downloaded Application that has been signed to accept incoming requests. Default is 0.
0 = disabled
1 = enabled
'';
};
system.defaults.alf.loggingenabled = mkOption {
type = types.nullOr types.int;
default = null;
description = ''
# Apple menu > System Preferences > Security and Privacy > Firewall
Enable logging of requests made to the firewall. Default is 0.
0 = disabled
1 = enabled
'';
};
system.defaults.alf.stealthenabled = mkOption {
type = types.nullOr types.int;
default = null;
description = ''
# Apple menu > System Preferences > Security and firewall
Drops incoming requests via ICMP such as ping requests. Default is 0.
0 = disabled
1 = enabled
'';
};
};
}