From 7bb7ea52e91fac2555dca9ccc1d99527da9fabb2 Mon Sep 17 00:00:00 2001
From: Peter Simons <simons@cryp.to>
Date: Mon, 23 Dec 2013 21:30:10 +0100
Subject: nixos: don't white-list port 5900 in the firewall when x11vnc is
 enabled

If you want x11vnc to receive TCP connections from the rest of the world,
please add

    networking.firewall.allowedTCPPorts = [ 5900 ];

to /etc/nixos/configuration.nix.

See <http://lists.science.uu.nl/pipermail/nix-dev/2013-November/011997.html>
for the discussion that lead to this.
---
 nixos/modules/services/x11/terminal-server.nix | 2 --
 1 file changed, 2 deletions(-)

(limited to 'nixos')

diff --git a/nixos/modules/services/x11/terminal-server.nix b/nixos/modules/services/x11/terminal-server.nix
index 72ecb8fe2fd79..bf9c3435503dc 100644
--- a/nixos/modules/services/x11/terminal-server.nix
+++ b/nixos/modules/services/x11/terminal-server.nix
@@ -42,8 +42,6 @@ in
         Xaccess=${pkgs.writeText "Xaccess" "localhost"}
       '';
 
-    networking.firewall.allowedTCPPorts = [ 5900 ];
-
     systemd.sockets.terminal-server =
       { description = "Terminal Server Socket";
         wantedBy = [ "sockets.target" ];
-- 
cgit 1.4.1