diff --git a/nixos/modules/programs/captive-browser.nix b/nixos/modules/programs/captive-browser.nix
index 9765a5fa3df7..55d474e5c9db 100644
--- a/nixos/modules/programs/captive-browser.nix
+++ b/nixos/modules/programs/captive-browser.nix
@@ -15,6 +15,8 @@ in
package = mkOption {
type = types.package;
default = pkgs.captive-browser;
+ defaultText = "pkgs.captive-browser";
+ description = "Which package to use for captive-browser";
};
interface = mkOption {
@@ -35,7 +37,7 @@ in
''http://cache.nixos.org/''
];
description = ''
- the shell (/bin/sh) command executed once the proxy starts.
+ The shell (/bin/sh) command executed once the proxy starts.
When browser exits, the proxy exits. An extra env var PROXY is available.
Here, we use a separate Chrome instance in Incognito mode, so that
@@ -51,7 +53,7 @@ in
dhcp-dns = mkOption {
type = types.str;
description = ''
- the shell (/bin/sh) command executed to obtain the DHCP
+ The shell (/bin/sh) command executed to obtain the DHCP
DNS server address. The first match of an IPv4 regex is used.
IPv4 only, because let's be real, it's a captive portal.
'';
@@ -62,6 +64,16 @@ in
default = "localhost:1666";
description = ''the listen address for the SOCKS5 proxy server'';
};
+
+ bindInterface = mkOption {
+ default = true;
+ type = types.bool;
+ description = ''
+ Binds captive-browser to the network interface declared in
+ cfg.interface. This can be used to avoid collisions
+ with private subnets.
+ '';
+ };
};
};
@@ -99,7 +111,9 @@ in
browser = """${cfg.browser}"""
dhcp-dns = """${cfg.dhcp-dns}"""
socks5-addr = """${cfg.socks5-addr}"""
- bind-device = """${cfg.interface}"""
+ ${optionalString cfg.bindInterface ''
+ bind-device = """${cfg.interface}"""
+ ''}
''}
exec ${cfg.package}/bin/captive-browser
'';