remove media user

author: Gregor Kleen <gkleen@yggdrasil.li> 2018-06-02 20:33:49 +0200
committer: Gregor Kleen <gkleen@yggdrasil.li> 2018-06-02 20:33:49 +0200
commit: 347da4ffbb4b870b330a22d7f5e0eda432a512f0 (patch)
tree: 9fa6c051d998e464d95e21f2e4d7c22b7bffc66d
parent: 937905d28c904205b1647095fa50827db91c249d (diff)
download: nixos-347da4ffbb4b870b330a22d7f5e0eda432a512f0.tar
nixos-347da4ffbb4b870b330a22d7f5e0eda432a512f0.tar.gz
nixos-347da4ffbb4b870b330a22d7f5e0eda432a512f0.tar.bz2
nixos-347da4ffbb4b870b330a22d7f5e0eda432a512f0.tar.xz
nixos-347da4ffbb4b870b330a22d7f5e0eda432a512f0.zip
1 files changed, 0 insertions, 40 deletions
diff --git a/hel.nix b/hel.nix
index 0c64ef19..743c86aa 100644
--- a/hel.nix
+++ b/hel.nix
@@ -142,17 +142,6 @@
    openssh = {
      enable = true;
-      extraConfig = ''
-        Match User media
-          ForceCommand internal-sftp
-          PermitTTY no
-          AllowTcpForwarding no
-          AllowStreamLocalForwarding no
-          X11Forwarding no
-          AllowAgentForwarding no
-          ChrootDirectory /run/%u
-          AuthorizedKeysFile /etc/ssh/authorized_keys.d/%u
-      '';
    };
    atd = {
@@ -334,16 +323,6 @@
    extraUsers.gkleen.extraGroups = [ "media" "networkmanager" "docker" ];
-    extraUsers.media = {
-      group = "media";
-      home = "/var/media";
-      isSystemUser = true;
-      openssh.authorizedKeys.keyFiles = [
-        ./users/keys/gkleen-media-hel.pub
-      ];
-      useDefaultShell = true;
-    };
    extraUsers.postfix_ssh = {
      isSystemUser = true;
      home = "/var/db/postfix_ssh";
@@ -351,9 +330,6 @@
    extraGroups = {
      network = {};
-      media = {
-        members = [ "uucp" "media" ];
-      };
    };
  };
@@ -460,13 +436,6 @@
  };
  systemd.automounts = [
-    { 
-      where = "/run/media/var/media";
-      automountConfig = {
-        DirectoryMode = "700";
-      };
-      wantedBy = [ "local-fs.target" ];
-    }
    {
      where = "/media";
      automountConfig = {
@@ -478,15 +447,6 @@
  ];
  systemd.mounts = [
-    { enable = true;
-      where = "/run/media/var/media";
-      what = "/var/media";
-      type = "none";
-      options = "bind";
-      mountConfig = {
-        DirectoryMode = "700";
-      };
-    }
    {
      after = [ "network-online.target" ];
      bindsTo = [ "network-online.target" ];
author	Gregor Kleen <gkleen@yggdrasil.li>	2018-06-02 20:33:49 +0200
committer	Gregor Kleen <gkleen@yggdrasil.li>	2018-06-02 20:33:49 +0200
commit	347da4ffbb4b870b330a22d7f5e0eda432a512f0 (patch)
tree	9fa6c051d998e464d95e21f2e4d7c22b7bffc66d
parent	937905d28c904205b1647095fa50827db91c249d (diff)
download	nixos-347da4ffbb4b870b330a22d7f5e0eda432a512f0.tar nixos-347da4ffbb4b870b330a22d7f5e0eda432a512f0.tar.gz nixos-347da4ffbb4b870b330a22d7f5e0eda432a512f0.tar.bz2 nixos-347da4ffbb4b870b330a22d7f5e0eda432a512f0.tar.xz nixos-347da4ffbb4b870b330a22d7f5e0eda432a512f0.zip

diff --git a/hel.nix b/hel.nix index 0c64ef19..743c86aa 100644 --- a/hel.nix +++ b/hel.nix
@@ -142,17 +142,6 @@
142		142
143	openssh = {	143	openssh = {
144	enable = true;	144	enable = true;
145	extraConfig = ''
146	Match User media
147	ForceCommand internal-sftp
148	PermitTTY no
149	AllowTcpForwarding no
150	AllowStreamLocalForwarding no
151	X11Forwarding no
152	AllowAgentForwarding no
153	ChrootDirectory /run/%u
154	AuthorizedKeysFile /etc/ssh/authorized_keys.d/%u
155	'';
156	};	145	};
157		146
158	atd = {	147	atd = {
@@ -334,16 +323,6 @@
334		323
335	extraUsers.gkleen.extraGroups = [ "media" "networkmanager" "docker" ];	324	extraUsers.gkleen.extraGroups = [ "media" "networkmanager" "docker" ];
336		325
337	extraUsers.media = {
338	group = "media";
339	home = "/var/media";
340	isSystemUser = true;
341	openssh.authorizedKeys.keyFiles = [
342	./users/keys/gkleen-media-hel.pub
343	];
344	useDefaultShell = true;
345	};
346
347	extraUsers.postfix_ssh = {	326	extraUsers.postfix_ssh = {
348	isSystemUser = true;	327	isSystemUser = true;
349	home = "/var/db/postfix_ssh";	328	home = "/var/db/postfix_ssh";
@@ -351,9 +330,6 @@
351		330
352	extraGroups = {	331	extraGroups = {
353	network = {};	332	network = {};
354	media = {
355	members = [ "uucp" "media" ];
356	};
357	};	333	};
358	};	334	};
359		335
@@ -460,13 +436,6 @@
460	};	436	};
461		437
462	systemd.automounts = [	438	systemd.automounts = [
463	{
464	where = "/run/media/var/media";
465	automountConfig = {
466	DirectoryMode = "700";
467	};
468	wantedBy = [ "local-fs.target" ];
469	}
470	{	439	{
471	where = "/media";	440	where = "/media";
472	automountConfig = {	441	automountConfig = {
@@ -478,15 +447,6 @@
478	];	447	];
479		448
480	systemd.mounts = [	449	systemd.mounts = [
481	{ enable = true;
482	where = "/run/media/var/media";
483	what = "/var/media";
484	type = "none";
485	options = "bind";
486	mountConfig = {
487	DirectoryMode = "700";
488	};
489	}
490	{	450	{
491	after = [ "network-online.target" ];	451	after = [ "network-online.target" ];
492	bindsTo = [ "network-online.target" ];	452	bindsTo = [ "network-online.target" ];