Virtual FTP

author: Gregor Kleen <gkleen@yggdrasil.li> 2017-12-06 13:37:55 +0100
committer: Gregor Kleen <gkleen@yggdrasil.li> 2017-12-06 13:37:55 +0100
commit: 4b040faf4f490ced545dcf10741e903c064ca78f (patch)
tree: c406dbe2d00ed9059c1be933fe92cba956c983e6
parent: adcf8d43e465d9d4905df8162e1b5edb288553a6 (diff)
download: nixos-4b040faf4f490ced545dcf10741e903c064ca78f.tar
nixos-4b040faf4f490ced545dcf10741e903c064ca78f.tar.gz
nixos-4b040faf4f490ced545dcf10741e903c064ca78f.tar.bz2
nixos-4b040faf4f490ced545dcf10741e903c064ca78f.tar.xz
nixos-4b040faf4f490ced545dcf10741e903c064ca78f.zip
2 files changed, 10 insertions, 6 deletions
diff --git a/users/gkleen.nix b/users/gkleen.nix
index 1beaf1c3..648f4ab1 100644
--- a/users/gkleen.nix
+++ b/users/gkleen.nix
@@ -1,7 +1,7 @@
 {
  name = "gkleen";
  description = "Gregor Kleen";
-  extraGroups = [ "wheel" "network" "lp" "dialout" "audio" "xmpp" "mail" "ftp" "ssh" "vboxusers" ];
+  extraGroups = [ "wheel" "network" "lp" "dialout" "audio" "xmpp" "mail" "ssh" "vboxusers" ];
  group = "users";
  uid = 1000;
  createHome = true;
diff --git a/ymir.nix b/ymir.nix
index 0d7de78d..bb6bc183 100644
--- a/ymir.nix
+++ b/ymir.nix
@@ -983,14 +983,18 @@ in rec {
      pasv_min_port=20000
      allow_writeable_chroot=yes
+      guest_enable=yes
+      guest_username=vsftpd
+      virtual_use_local_privs=yes
+      user_sub_token=$USER
+      local_root=/srv/ftp/$USER
+      hide_ids=yes
    '';
  };
  security.pam.services."vsftpd".text = ''
-    auth requisite  pam_succeed_if.so user ingroup ftp
+    auth required pam_pwdfile.so pwdfile /srv/ftp.htpasswd
+    account required pam_permit.so
-    auth include ftp
-    account include ftp
-    session include ftp
  '';
 }
author	Gregor Kleen <gkleen@yggdrasil.li>	2017-12-06 13:37:55 +0100
committer	Gregor Kleen <gkleen@yggdrasil.li>	2017-12-06 13:37:55 +0100
commit	4b040faf4f490ced545dcf10741e903c064ca78f (patch)
tree	c406dbe2d00ed9059c1be933fe92cba956c983e6
parent	adcf8d43e465d9d4905df8162e1b5edb288553a6 (diff)
download	nixos-4b040faf4f490ced545dcf10741e903c064ca78f.tar nixos-4b040faf4f490ced545dcf10741e903c064ca78f.tar.gz nixos-4b040faf4f490ced545dcf10741e903c064ca78f.tar.bz2 nixos-4b040faf4f490ced545dcf10741e903c064ca78f.tar.xz nixos-4b040faf4f490ced545dcf10741e903c064ca78f.zip

diff --git a/users/gkleen.nix b/users/gkleen.nix index 1beaf1c3..648f4ab1 100644 --- a/users/gkleen.nix +++ b/users/gkleen.nix
@@ -1,7 +1,7 @@
1	{	1	{
2	name = "gkleen";	2	name = "gkleen";
3	description = "Gregor Kleen";	3	description = "Gregor Kleen";
4	extraGroups = [ "wheel" "network" "lp" "dialout" "audio" "xmpp" "mail" "ftp" "ssh" "vboxusers" ];	4	extraGroups = [ "wheel" "network" "lp" "dialout" "audio" "xmpp" "mail" "ssh" "vboxusers" ];
5	group = "users";	5	group = "users";
6	uid = 1000;	6	uid = 1000;
7	createHome = true;	7	createHome = true;


diff --git a/ymir.nix b/ymir.nix index 0d7de78d..bb6bc183 100644 --- a/ymir.nix +++ b/ymir.nix
@@ -983,14 +983,18 @@ in rec {
983	pasv_min_port=20000	983	pasv_min_port=20000
984		984
985	allow_writeable_chroot=yes	985	allow_writeable_chroot=yes
		986
		987	guest_enable=yes
		988	guest_username=vsftpd
		989	virtual_use_local_privs=yes
		990	user_sub_token=$USER
		991	local_root=/srv/ftp/$USER
		992	hide_ids=yes
986	'';	993	'';
987	};	994	};
988		995
989	security.pam.services."vsftpd".text = ''	996	security.pam.services."vsftpd".text = ''
990	auth requisite pam_succeed_if.so user ingroup ftp	997	auth required pam_pwdfile.so pwdfile /srv/ftp.htpasswd
991		998	account required pam_permit.so
992	auth include ftp
993	account include ftp
994	session include ftp
995	'';	999	'';
996	}	1000	}