Refactor of the networking part.

Added new option. `config.system.networking.allowedPorts` as well as a
boolean for enabling/disabling this.

modules/system/networking.nix

@@ -1,11 +1,34 @@
-{ config, lib, pkgs, ... }: {
+{ config, lib, pkgs, user, ... }:
-  programs.mtr.enable = true;
+let
-  networking = {
+  this = config.system.networking;
-    firewall = {
+in
-      enable = true;
+with lib; {
-      allowedTCPPorts = [ 443 80 ];
+  options = {
-      allowedUDPPorts = [ 443 80 ];
+    system.networking = {
-      allowPing = false;
+      enable = mkOption {
+        default = true;
+        type = with types; bool;
+      };
+
+      allowedPorts = mkOption {
+        default = with pkgs; [ 443 80 ];
+        type = with types; listOf port;
+        description = "List of ports that can be opened. Applies to both UDP and TCP";
+      };
+    };
+  };
+
+  config = mkIf this.enable {
+    networking.networkmanager.enable = true;
+    users.users."${user.name}".extraGroups = [ "networkmanager" ];
+    programs.mtr.enable = true;
+    networking = {
+      firewall = {
+        enable = true;
+        allowedTCPPorts = this.allowedPorts;
+        allowedUDPPorts = this.allowedPorts;
+        allowPing = false;
+      };
     };
   };
 }

profiles/laptop.nix

@@ -1,6 +1,4 @@
 { config, lib, pkgs, user, ... }: {
   imports = [ ./graphical.nix ];
   my.system.boot.enable = true;
-  networking.networkmanager.enable = true;
-  users.users."${user.name}".extraGroups = [ "networkmanager" ];
 }