first shot at uucp

author: Gregor Kleen <gkleen@yggdrasil.li> 2016-04-27 11:39:56 +0200
committer: Gregor Kleen <gkleen@yggdrasil.li> 2016-04-27 11:39:56 +0200
commit: 3dc4d23ab478dcedb44021ecf5c8d4e5b1c32def (patch)
tree: 818d57e29b53ef01b09321fa95f13f9bec08c05f
parent: 2ec263d649b20da9cb59d490a1bc7b2fa7d319e1 (diff)
download: nixos-3dc4d23ab478dcedb44021ecf5c8d4e5b1c32def.tar
nixos-3dc4d23ab478dcedb44021ecf5c8d4e5b1c32def.tar.gz
nixos-3dc4d23ab478dcedb44021ecf5c8d4e5b1c32def.tar.bz2
nixos-3dc4d23ab478dcedb44021ecf5c8d4e5b1c32def.tar.xz
nixos-3dc4d23ab478dcedb44021ecf5c8d4e5b1c32def.zip
2 files changed, 124 insertions, 0 deletions
diff --git a/custom/uucp.nix b/custom/uucp.nix
new file mode 100644
index 00000000..0b199776
--- /dev/null
+++ b/custom/uucp.nix
@@ -0,0 +1,104 @@
+{ config, lib, pkgs, ... }:
+rec {
+  options = {
+    services.uucp = {
+      enable = mkOption {
+        type = types.bool;
+        default = false;
+        description = ''
+          If enabled we set up an account accesible via uucp over ssh
+        '';
+      };
+      sshUser = mkOption { 
+        type = types.unspecified;
+        default = {
+          name = "uucp";
+          isSystemUser = true;
+          isNormalUser = false;
+          createHome = true;
+          home = "/var/spool/uucp";
+          description = "User for uucp over ssh";
+        };
+        description = "The local uucp linux-user";
+      };
+      sshConfig = mkOption {
+        type = types.str;
+        description = "~uucp/.ssh/config";
+      };
+      remoteNodes = mkOption {
+        types = types.listOf types.str;
+        default = [];
+        description = "List of ports to set up. You will probably need to configure these in sshConfig";
+      };
+      spoolDir = mkOption {
+        types = types.path;
+        default = "/var/spool/uucp";
+        description = "Spool directory";
+      };
+      lockDir = mkOption {
+        types = types.path;
+        default = "/var/spool/uucp";
+        description = "Lock directory";
+      };
+      pubDir = mkOption {
+        types = types.path;
+        default = "/var/spool/uucppublic";
+        description = "Public directory";
+      };
+      logFile = mkOption {
+        types = types.path;
+        default = "/var/log/uucp";
+        description = "Log file";
+      };
+      statFile = mkOption {
+        types = types.path;
+        default = "/var/log/uucp.stat";
+        description = "Statistics file";
+      };
+      debugFile = mkOption {
+        types = types.path;
+        default = "/var/log/uucp.debug";
+        description = "Debug file";
+      };
+      extraConfig = mkOption {
+        type = types.string;
+        default = "";
+        description = "Extra configuration to append verbatim to `/etc/uucp/config'";
+      };
+    };
+  };
+  config = {
+    environment.etc."uucp/config" = {
+      enable = config.services.uucp.enable;
+      text = ''
+        spool ${config.services.uucp.spoolDir}
+        lockdir ${config.services.uucp.lockDir}
+        pubdir ${config.services.uucp.pubDir}
+        logfile ${config.services.uucp.logFile}
+        statfile ${config.services.uucp.statFile}
+        debugfile ${config.services.uucp.debugFile}
+        
+        ${config.services.uucp.extraConfig}
+      '';
+    };
+    users.users."uucp" = optional config.services.uucp.enable config.services.uucp.sshUser;
+    system.activationScripts."uucp-sshconfig" = optional config.services.uucp.enable ''
+      mkdir -p ${users.users."uucp".home}/.ssh
+      cp ${builtins.toFile "ssh-config" config.services.uucp.sshConfig} ${users.users."uucp".home}/.ssh/config
+    '';
+  };
+}
diff --git a/ymir.nix b/ymir.nix
index 8a17cfe4..7895a859 100644
--- a/ymir.nix
+++ b/ymir.nix
@@ -21,6 +21,7 @@ in rec {
      ./users.nix
      ./custom/tinc/def.nix
      ./custom/ymir-nginx.nix
+      ./custom/uucp.nix
    ];
  boot.loader.grub = {
@@ -85,6 +86,7 @@ in rec {
    rsync
    tmux
    zsh
+    uucp
  ];
  networking = {
@@ -315,7 +317,21 @@ in rec {
      #enable TLS logging to see the ciphers for outbound connections
      smtp_tls_loglevel = 1
    '';
+    extraMasterConf = ''
+      uucp unix - n n - - pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
+    '';
+  };
+  users.extraUsers."uucp" = {
+    createHome = true;
+    home = "/var/spool/uucp";
+    isSystemUser = true;
+    isNormalUser = false;
+    openssh.authorizedKeys.keyFiles = [
+      users/keys/gkleen-skadhi.pub
+      users/keys/gkleen-vali.pub
+    ];
  };
+  environment.etc."/etc/uucp/call"
  security.acme = {
    certs = {
@@ -333,4 +349,8 @@ in rec {
      };
    };
  };
+  services.uucp = {
+    enable = true;
+  };
 }
author	Gregor Kleen <gkleen@yggdrasil.li>	2016-04-27 11:39:56 +0200
committer	Gregor Kleen <gkleen@yggdrasil.li>	2016-04-27 11:39:56 +0200
commit	3dc4d23ab478dcedb44021ecf5c8d4e5b1c32def (patch)
tree	818d57e29b53ef01b09321fa95f13f9bec08c05f
parent	2ec263d649b20da9cb59d490a1bc7b2fa7d319e1 (diff)
download	nixos-3dc4d23ab478dcedb44021ecf5c8d4e5b1c32def.tar nixos-3dc4d23ab478dcedb44021ecf5c8d4e5b1c32def.tar.gz nixos-3dc4d23ab478dcedb44021ecf5c8d4e5b1c32def.tar.bz2 nixos-3dc4d23ab478dcedb44021ecf5c8d4e5b1c32def.tar.xz nixos-3dc4d23ab478dcedb44021ecf5c8d4e5b1c32def.zip

diff --git a/custom/uucp.nix b/custom/uucp.nix new file mode 100644 index 00000000..0b199776 --- /dev/null +++ b/custom/uucp.nix
@@ -0,0 +1,104 @@
		1	{ config, lib, pkgs, ... }:
		2
		3	rec {
		4	options = {
		5	services.uucp = {
		6	enable = mkOption {
		7	type = types.bool;
		8	default = false;
		9	description = ''
		10	If enabled we set up an account accesible via uucp over ssh
		11	'';
		12	};
		13
		14	sshUser = mkOption {
		15	type = types.unspecified;
		16	default = {
		17	name = "uucp";
		18	isSystemUser = true;
		19	isNormalUser = false;
		20	createHome = true;
		21	home = "/var/spool/uucp";
		22	description = "User for uucp over ssh";
		23	};
		24	description = "The local uucp linux-user";
		25	};
		26
		27	sshConfig = mkOption {
		28	type = types.str;
		29	description = "~uucp/.ssh/config";
		30	};
		31
		32	remoteNodes = mkOption {
		33	types = types.listOf types.str;
		34	default = [];
		35	description = "List of ports to set up. You will probably need to configure these in sshConfig";
		36	};
		37
		38	spoolDir = mkOption {
		39	types = types.path;
		40	default = "/var/spool/uucp";
		41	description = "Spool directory";
		42	};
		43
		44	lockDir = mkOption {
		45	types = types.path;
		46	default = "/var/spool/uucp";
		47	description = "Lock directory";
		48	};
		49
		50	pubDir = mkOption {
		51	types = types.path;
		52	default = "/var/spool/uucppublic";
		53	description = "Public directory";
		54	};
		55
		56	logFile = mkOption {
		57	types = types.path;
		58	default = "/var/log/uucp";
		59	description = "Log file";
		60	};
		61
		62	statFile = mkOption {
		63	types = types.path;
		64	default = "/var/log/uucp.stat";
		65	description = "Statistics file";
		66	};
		67
		68	debugFile = mkOption {
		69	types = types.path;
		70	default = "/var/log/uucp.debug";
		71	description = "Debug file";
		72	};
		73
		74	extraConfig = mkOption {
		75	type = types.string;
		76	default = "";
		77	description = "Extra configuration to append verbatim to `/etc/uucp/config'";
		78	};
		79	};
		80	};
		81
		82	config = {
		83	environment.etc."uucp/config" = {
		84	enable = config.services.uucp.enable;
		85	text = ''
		86	spool ${config.services.uucp.spoolDir}
		87	lockdir ${config.services.uucp.lockDir}
		88	pubdir ${config.services.uucp.pubDir}
		89	logfile ${config.services.uucp.logFile}
		90	statfile ${config.services.uucp.statFile}
		91	debugfile ${config.services.uucp.debugFile}
		92
		93	${config.services.uucp.extraConfig}
		94	'';
		95	};
		96
		97	users.users."uucp" = optional config.services.uucp.enable config.services.uucp.sshUser;
		98
		99	system.activationScripts."uucp-sshconfig" = optional config.services.uucp.enable ''
		100	mkdir -p ${users.users."uucp".home}/.ssh
		101	cp ${builtins.toFile "ssh-config" config.services.uucp.sshConfig} ${users.users."uucp".home}/.ssh/config
		102	'';
		103	};
		104	}


diff --git a/ymir.nix b/ymir.nix index 8a17cfe4..7895a859 100644 --- a/ymir.nix +++ b/ymir.nix
@@ -21,6 +21,7 @@ in rec {
21	./users.nix	21	./users.nix
22	./custom/tinc/def.nix	22	./custom/tinc/def.nix
23	./custom/ymir-nginx.nix	23	./custom/ymir-nginx.nix
		24	./custom/uucp.nix
24	];	25	];
25		26
26	boot.loader.grub = {	27	boot.loader.grub = {
@@ -85,6 +86,7 @@ in rec {
85	rsync	86	rsync
86	tmux	87	tmux
87	zsh	88	zsh
		89	uucp
88	];	90	];
89		91
90	networking = {	92	networking = {
@@ -315,7 +317,21 @@ in rec {
315	#enable TLS logging to see the ciphers for outbound connections	317	#enable TLS logging to see the ciphers for outbound connections
316	smtp_tls_loglevel = 1	318	smtp_tls_loglevel = 1
317	'';	319	'';
		320	extraMasterConf = ''
		321	uucp unix - n n - - pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
		322	'';
		323	};
		324	users.extraUsers."uucp" = {
		325	createHome = true;
		326	home = "/var/spool/uucp";
		327	isSystemUser = true;
		328	isNormalUser = false;
		329	openssh.authorizedKeys.keyFiles = [
		330	users/keys/gkleen-skadhi.pub
		331	users/keys/gkleen-vali.pub
		332	];
318	};	333	};
		334	environment.etc."/etc/uucp/call"
319		335
320	security.acme = {	336	security.acme = {
321	certs = {	337	certs = {
@@ -333,4 +349,8 @@ in rec {
333	};	349	};
334	};	350	};
335	};	351	};
		352
		353	services.uucp = {
		354	enable = true;
		355	};
336	}	356	}