first work on prosody on ymir

author: Gregor Kleen <gkleen@yggdrasil.li> 2015-09-25 16:15:40 +0200
committer: Gregor Kleen <gkleen@yggdrasil.li> 2015-09-25 16:15:40 +0200
commit: c032cf8bf7581ad6a1e1fb36c566b4577c8b8809 (patch)
tree: b437187e448fec09b2cf0e71badefc122f012430
parent: d0c0912b65de13f1c589798d25df63f2cf40bf1a (diff)
download: nixos-c032cf8bf7581ad6a1e1fb36c566b4577c8b8809.tar
nixos-c032cf8bf7581ad6a1e1fb36c566b4577c8b8809.tar.gz
nixos-c032cf8bf7581ad6a1e1fb36c566b4577c8b8809.tar.bz2
nixos-c032cf8bf7581ad6a1e1fb36c566b4577c8b8809.tar.xz
nixos-c032cf8bf7581ad6a1e1fb36c566b4577c8b8809.zip
1 files changed, 29 insertions, 0 deletions
diff --git a/ymir.nix b/ymir.nix
index 34d5122d..3d1d8f9c 100644
--- a/ymir.nix
+++ b/ymir.nix
@@ -69,4 +69,33 @@
    enable = true;
  };
+  services.prosody = {
+    enable = true;
+    admins = [
+               "gkleen@xmpp.li"
+             ];
+    allowRegistration = false;
+    extraConfig = ''
+      authentication = "pam"
+    '';
+    extraModules = [ "auth_pam"
+                   ];
+    virtualHosts.default = {
+      enabled = true;
+      domain = "xmpp.li";
+      ssl = {
+        key = "certs/xmpp.li.key";
+        cert = "certs/xmpp.li.crt";
+      };
+    };
+  };
+  environment.etc."pam.d/xmpp" = {
+    text = ''
+      auth    [success=1 default=ignore]  pam_unix.so obscure sha512 nodelay
+      auth    required                    pam_succeed_if.so user ingroup xmpp
+      auth    requisite                   pam_deny.so
+      auth    required                    pam_permit.so
+    '';
+  };
 }
author	Gregor Kleen <gkleen@yggdrasil.li>	2015-09-25 16:15:40 +0200
committer	Gregor Kleen <gkleen@yggdrasil.li>	2015-09-25 16:15:40 +0200
commit	c032cf8bf7581ad6a1e1fb36c566b4577c8b8809 (patch)
tree	b437187e448fec09b2cf0e71badefc122f012430
parent	d0c0912b65de13f1c589798d25df63f2cf40bf1a (diff)
download	nixos-c032cf8bf7581ad6a1e1fb36c566b4577c8b8809.tar nixos-c032cf8bf7581ad6a1e1fb36c566b4577c8b8809.tar.gz nixos-c032cf8bf7581ad6a1e1fb36c566b4577c8b8809.tar.bz2 nixos-c032cf8bf7581ad6a1e1fb36c566b4577c8b8809.tar.xz nixos-c032cf8bf7581ad6a1e1fb36c566b4577c8b8809.zip

diff --git a/ymir.nix b/ymir.nix index 34d5122d..3d1d8f9c 100644 --- a/ymir.nix +++ b/ymir.nix
@@ -69,4 +69,33 @@
69	enable = true;	69	enable = true;
70	};	70	};
71		71
		72	services.prosody = {
		73	enable = true;
		74	admins = [
		75	"gkleen@xmpp.li"
		76	];
		77	allowRegistration = false;
		78	extraConfig = ''
		79	authentication = "pam"
		80	'';
		81	extraModules = [ "auth_pam"
		82	];
		83
		84	virtualHosts.default = {
		85	enabled = true;
		86	domain = "xmpp.li";
		87	ssl = {
		88	key = "certs/xmpp.li.key";
		89	cert = "certs/xmpp.li.crt";
		90	};
		91	};
		92	};
		93	environment.etc."pam.d/xmpp" = {
		94	text = ''
		95	auth [success=1 default=ignore] pam_unix.so obscure sha512 nodelay
		96	auth required pam_succeed_if.so user ingroup xmpp
		97	auth requisite pam_deny.so
		98	auth required pam_permit.so
		99	'';
		100	};
72	}	101	}