Add opensnitch to Linux

2025-08-07 21:32:27 +00:00 · 2021-08-06 21:08:48 -04:00
parent 452b302586
commit 425e9583ff
4 changed files with 46 additions and 19 deletions
--- a/common/opensnitch/default.nix
+++ b/common/opensnitch/default.nix
@@ -0,0 +1,24 @@
+{ pkgs, ... }:
+{
+  systemd = {
+    services = {
+      opensnitch = {
+        description = "Opensnitch Application Firewall Daemon";
+        wants = [ "network.target" ];
+        after = [ "network.target" ];
+        wantedBy = [ "multi-user.target" ];
+        path = [ pkgs.iptables ];
+        serviceConfig = {
+          Type = "simple";
+          PermissionsStartOnly = true;
+          ExecStartPre = "${pkgs.coreutils}/bin/mkdir -p /etc/opensnitch/rules";
+          ExecStart = "${pkgs.opensnitch}/bin/opensnitchd -rules-path /etc/opensnitch/rules";
+          Restart = "always";
+          RestartSec = 30;
+        };
+        enable = true;
+      };
+    };
+  };
+
+}