From 8fa81f2c6c210b04decfeec635bf31c9ff4fc376 Mon Sep 17 00:00:00 2001
From: diniamo <diniamo53@gmail.com>
Date: Wed, 23 Oct 2024 14:37:04 +0200
Subject: [PATCH] nixos/grafana: add openFirewall option

(cherry picked from commit 5bb944c6f514d129f0418f7b7073909d2bd93fad)
---
 nixos/modules/services/monitoring/grafana.nix | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/nixos/modules/services/monitoring/grafana.nix b/nixos/modules/services/monitoring/grafana.nix
index 37207474901c..786bad49507f 100644
--- a/nixos/modules/services/monitoring/grafana.nix
+++ b/nixos/modules/services/monitoring/grafana.nix
@@ -430,6 +430,12 @@ in
       type = types.path;
     };
 
+    openFirewall = mkOption {
+      type = types.bool;
+      default = false;
+      description = "Open the ports in the firewall for the server.";
+    };
+
     settings = mkOption {
       description = ''
         Grafana settings. See <https://grafana.com/docs/grafana/latest/setup-grafana/configure-grafana/>
@@ -2078,6 +2084,8 @@ in
       '';
     };
 
+    networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [ cfg.settings.server.http_port ];
+
     users.users.grafana = {
       uid = config.ids.uids.grafana;
       description = "Grafana user";