diff --git a/nixos/modules/services/audio/mpd.nix b/nixos/modules/services/audio/mpd.nix
index b6cbe78d414b8..909f78d9a04ef 100644
--- a/nixos/modules/services/audio/mpd.nix
+++ b/nixos/modules/services/audio/mpd.nix
@@ -143,9 +143,13 @@ in
       };
 
       openFirewall = lib.mkOption {
-        type = lib.types.bool;
-        default = false;
-        description = "Open ports in the firewall for mpd.";
+        type = lib.types.nullOr lib.types.bool;
+        default = null;
+        description = ''
+          Open ports in the firewall for mpd. If `null` (default), you might
+          get a warning asking you to set it explicitly to `true` or `false`,
+          depending upon the value of `services.mpd.settings.bind_to_address`.
+        '';
       };
 
       settings = lib.mkOption {
@@ -378,9 +382,9 @@ in
             ])
             || (lib.hasPrefix "/" cfg.settings.bind_to_address)
           )
-          && !cfg.openFirewall
+          && (isNull cfg.openFirewall)
         )
-        "Using '${cfg.settings.bind_to_address}' as services.mpd.settings.bind_to_address without enabling services.mpd.openFirewall, might prevent you from accessing MPD from other clients.";
+        "Using '${cfg.settings.bind_to_address}' as services.mpd.settings.bind_to_address without enabling services.mpd.openFirewall, might prevent you from accessing MPD from other clients. To suppress this warning, set services.mpd.openFirewall explicitly to `false`";
 
     # install mpd units
     systemd.packages = [ pkgs.mpd ];
@@ -438,7 +442,9 @@ in
       };
     };
 
-    networking.firewall.allowedTCPPorts = lib.optionals cfg.openFirewall [ cfg.settings.port ];
+    networking.firewall.allowedTCPPorts = lib.optionals (
+      builtins.isBool cfg.openFirewall && cfg.openFirewall
+    ) [ cfg.settings.port ];
 
     users.users = lib.optionalAttrs (cfg.user == name) {
       ${name} = {