mirror of
https://github.com/LnL7/nix-darwin.git
synced 2025-03-06 16:57:08 +00:00
e65131e69c
This process was automated by [my fork of `nix-doc-munge`]; thanks
to @pennae for writing this tool! It automatically checks that the
resulting documentation doesn't change, although my fork loosens
this a little to ignore some irrelevant whitespace and typographical
differences.
As of this commit there is no DocBook remaining in the options
documentation.
You can play along at home if you want to reproduce this commit:
$ NIX_PATH=nixpkgs=flake:nixpkgs/c1bca7fe84c646cfd4ebf3482c0e6317a0b13f22 \
nix shell nixpkgs#coreutils \
-c find . -name '*.nix' \
-exec nix run github:emilazy/nix-doc-munge/0a7190f600027bf7baf6cb7139e4d69ac2f51062 \
{} +
[my fork of `nix-doc-munge`]: https://github.com/emilazy/nix-doc-munge
74 lines
2 KiB
Nix
74 lines
2 KiB
Nix
{ config, lib, ... }:
|
|
|
|
with lib;
|
|
|
|
{
|
|
options = {
|
|
system.defaults.alf.globalstate = mkOption {
|
|
type = types.nullOr types.int;
|
|
default = null;
|
|
description = lib.mdDoc ''
|
|
Apple menu > System Preferences > Security and Privacy > Firewall
|
|
|
|
Enable the internal firewall to prevent unauthorised applications, programs
|
|
and services from accepting incoming connections.
|
|
|
|
0 = disabled
|
|
1 = enabled
|
|
2 = blocks all connections except for essential services
|
|
'';
|
|
};
|
|
|
|
system.defaults.alf.allowsignedenabled = mkOption {
|
|
type = types.nullOr types.int;
|
|
default = null;
|
|
description = lib.mdDoc ''
|
|
Apple menu > System Preferences > Security and Privacy > Firewall
|
|
|
|
Allows any signed Application to accept incoming requests. Default is true.
|
|
|
|
0 = disabled
|
|
1 = enabled
|
|
'';
|
|
};
|
|
|
|
system.defaults.alf.allowdownloadsignedenabled = mkOption {
|
|
type = types.nullOr types.int;
|
|
default = null;
|
|
description = lib.mdDoc ''
|
|
Apple menu > System Preferences > Security and Privacy > Firewall
|
|
|
|
Allows any downloaded Application that has been signed to accept incoming requests. Default is 0.
|
|
|
|
0 = disabled
|
|
1 = enabled
|
|
'';
|
|
};
|
|
|
|
system.defaults.alf.loggingenabled = mkOption {
|
|
type = types.nullOr types.int;
|
|
default = null;
|
|
description = lib.mdDoc ''
|
|
Apple menu > System Preferences > Security and Privacy > Firewall
|
|
|
|
Enable logging of requests made to the firewall. Default is 0.
|
|
|
|
0 = disabled
|
|
1 = enabled
|
|
'';
|
|
};
|
|
|
|
system.defaults.alf.stealthenabled = mkOption {
|
|
type = types.nullOr types.int;
|
|
default = null;
|
|
description = lib.mdDoc ''
|
|
Apple menu > System Preferences > Security and firewall
|
|
|
|
Drops incoming requests via ICMP such as ping requests. Default is 0.
|
|
|
|
0 = disabled
|
|
1 = enabled
|
|
'';
|
|
};
|
|
};
|
|
}
|