nixos/steam: add localNetworkTransfers.openFirewall option

Steam local network game transfers require TCP port 27040 to be open: https://steamcommunity.com/groups/SteamClientBeta/discussions/0/3775742015034590856/#c3827537203130812127 They also require UDP port 27036 to allow discovering peers on the same network before a transfer on port 27040 can be initiated. Co-authored-by: Kira Bruneau <kira.bruneau@pm.me>
2024-02-23 21:59:16 +01:00
parent 899fe5550b
commit 877179c89d
1 changed files with 17 additions and 1 deletions
--- a/nixos/modules/programs/steam.nix
+++ b/nixos/modules/programs/steam.nix
@@ -82,6 +82,14 @@ in {
      '';
    };
    localNetworkGameTransfers.openFirewall = mkOption {
      type = types.bool;
      default = false;
      description = lib.mdDoc ''
        Open ports in the firewall for Steam Local Network Game Transfers.
      '';
    };
    gamescopeSession = mkOption {
      description = mdDoc "Run a GameScope driven Steam session from your display-manager";
      default = {};
@@ -139,15 +147,23 @@ in {
    ] ++ lib.optional cfg.gamescopeSession.enable steam-gamescope;
    networking.firewall = lib.mkMerge [
      (mkIf (cfg.remotePlay.openFirewall || cfg.localNetworkGameTransfers.openFirewall) {
        allowedUDPPorts = [ 27036 ]; # Peer discovery
      })
      (mkIf cfg.remotePlay.openFirewall {
        allowedTCPPorts = [ 27036 ];
-        allowedUDPPortRanges = [ { from = 27031; to = 27036; } ];
+        allowedUDPPortRanges = [ { from = 27031; to = 27035; } ];
      })
      (mkIf cfg.dedicatedServer.openFirewall {
        allowedTCPPorts = [ 27015 ]; # SRCDS Rcon port
        allowedUDPPorts = [ 27015 ]; # Gameplay traffic
      })
      (mkIf cfg.localNetworkGameTransfers.openFirewall {
        allowedTCPPorts = [ 27040 ]; # Data transfers
      })
    ];
  };