nixos/profiles/avahi.nix

   1 { config, lib, ... }:
   2 {
   3   services.avahi = {
   4     enable = lib.mkDefault true;
   5     nssmdns4 = lib.mkDefault true;
   6     nssmdns6 = lib.mkDefault true;
   7     # Disabling this setting also disables discovering of network devices.
   8     openFirewall = lib.mkDefault true;
   9     publish.enable = lib.mkDefault false;
  10   };
  11   networking.nftables.ruleset = lib.mkIf config.services.avahi.enable (''
  12     table inet filter {
  13       chain output-lan {
  14         skuid ${config.users.users.avahi.name} udp sport mdns udp dport mdns counter accept comment "Avahi: MulticastDNS"
  15       }
  16     }
  17   '' + lib.optionalString config.services.avahi.openFirewall ''
  18     table inet filter {
  19       chain input-lan {
  20         udp dport mdns counter accept comment "Avahi: MulticastDNS"
  21       }
  22     }
  23   '');
  24 }