From 227c4b1aacda5715eea0a0627e1eac6349f6badd Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Mon, 2 Dec 2019 01:29:07 +0100
Subject: [PATCH] tv im: add weechat relay support

---
 tv/3modules/im.nix | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/tv/3modules/im.nix b/tv/3modules/im.nix
index 905b7803b..8cb137510 100644
--- a/tv/3modules/im.nix
+++ b/tv/3modules/im.nix
@@ -32,6 +32,8 @@ in {
     tv.im.server.mosh.enable = lib.mkEnableOption "tv.im.server.mosh" // {
       default = true;
     };
+    tv.im.server.weechat.relay.enable =
+      lib.mkEnableOption "tv.im.server.weechat.relay";
     tv.im.server.user = lib.mkOption {
       default = config.krebs.users.tv;
       type = lib.types.user;
@@ -93,5 +95,16 @@ in {
         "-s ${im.client.host.nets.retiolum.ip6.addr} -p udp --dport 60000:61000 -j ACCEPT"
       ];
     })
+    (lib.mkIf im.server.weechat.relay.enable {
+      krebs.iana-etc.services = {
+        "9001".tcp.name = "weechat-ssl";
+      };
+      tv.iptables.extra4.filter.Retiolum = [
+        "-s ${im.client.host.nets.retiolum.ip4.addr} -p tcp -m tcp --dport 9001 -j ACCEPT"
+      ];
+      tv.iptables.extra6.filter.Retiolum = [
+        "-s ${im.client.host.nets.retiolum.ip6.addr} -p tcp -m tcp --dport 9001 -j ACCEPT"
+      ];
+    })
   ];
 }