crowdsec: Fix bouncer option

2026-01-21 14:01:34 +01:00 · 2025-09-10 23:39:27 +02:00 · 2025-09-10 23:39:27 +02:00 · e23111b6d7
commit e23111b6d7
parent eff300b055
2 changed files with 12 additions and 10 deletions
--- a/hosts/srv-public/default.nix
+++ b/hosts/srv-public/default.nix
@ -29,7 +29,7 @@
          sshd = true;
          caddy = true;
        };
-        bouncer.firewall = true;
+        bouncers.firewall = true;
      };

      forgejo = {
--- a/modules/system/services/crowdsec.nix
+++ b/modules/system/services/crowdsec.nix
@ -11,9 +11,9 @@ let
  user = config.users.users.crowdsec.name;
 in
 {
-  imports = [
-    inputs.crowdsec.nixosModules.crowdsec
-    inputs.crowdsec.nixosModules.crowdsec-firewall-bouncer
+  imports = with inputs.crowdsec.nixosModules; [
+    crowdsec
+    crowdsec-firewall-bouncer
  ];

  options.custom.services.crowdsec = {
@ -31,7 +31,7 @@ in
      caddy = lib.mkEnableOption "";
      sshd = lib.mkEnableOption "";
    };
-    bouncer.firewall = lib.mkEnableOption "";
+    bouncers.firewall = lib.mkEnableOption "";
  };

  config = lib.mkIf cfg.enable {
@ -77,7 +77,7 @@ in
          ];
      };

-      crowdsec-firewall-bouncer = {
+      crowdsec-firewall-bouncer = lib.mkIf cfg.bouncers.firewall {
        enable = true;
        package = inputs.crowdsec.packages.${pkgs.system}.crowdsec-firewall-bouncer;
        settings = {
@ -120,9 +120,11 @@ in
          fi
        '';
      in
-      lib.mkAfter [
-        collectionsScript
-        bouncerScript
-      ];
+      lib.mkAfter (
+        lib.concatLists [
+          (lib.singleton collectionsScript)
+          (lib.optional cfg.bouncers.firewall bouncerScript)
+        ]
+      );
  };
 }