Make opening ports in the firewall optional

default.nix

@@ -25,6 +25,12 @@ in
   options.mailserver = {
     enable = mkEnableOption "nixos-mailserver";
 
+    openFirewall = mkOption {
+      type = types.bool;
+      default = true;
+      description = "Automatically open ports in the firewall.";
+    };
+
     fqdn = mkOption {
       type = types.str;
       example = "mx.example.com";

mail-server/networking.nix

@@ -20,7 +20,7 @@ let
   cfg = config.mailserver;
 in
 {
-  config = with cfg; lib.mkIf enable {
+  config = with cfg; lib.mkIf (enable && openFirewall) {
 
     networking.firewall = {
       allowedTCPPorts = [ 25 ]