summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--hel.nix40
1 files changed, 0 insertions, 40 deletions
diff --git a/hel.nix b/hel.nix
index 0c64ef19..743c86aa 100644
--- a/hel.nix
+++ b/hel.nix
@@ -142,17 +142,6 @@
142 142
143 openssh = { 143 openssh = {
144 enable = true; 144 enable = true;
145 extraConfig = ''
146 Match User media
147 ForceCommand internal-sftp
148 PermitTTY no
149 AllowTcpForwarding no
150 AllowStreamLocalForwarding no
151 X11Forwarding no
152 AllowAgentForwarding no
153 ChrootDirectory /run/%u
154 AuthorizedKeysFile /etc/ssh/authorized_keys.d/%u
155 '';
156 }; 145 };
157 146
158 atd = { 147 atd = {
@@ -334,16 +323,6 @@
334 323
335 extraUsers.gkleen.extraGroups = [ "media" "networkmanager" "docker" ]; 324 extraUsers.gkleen.extraGroups = [ "media" "networkmanager" "docker" ];
336 325
337 extraUsers.media = {
338 group = "media";
339 home = "/var/media";
340 isSystemUser = true;
341 openssh.authorizedKeys.keyFiles = [
342 ./users/keys/gkleen-media-hel.pub
343 ];
344 useDefaultShell = true;
345 };
346
347 extraUsers.postfix_ssh = { 326 extraUsers.postfix_ssh = {
348 isSystemUser = true; 327 isSystemUser = true;
349 home = "/var/db/postfix_ssh"; 328 home = "/var/db/postfix_ssh";
@@ -351,9 +330,6 @@
351 330
352 extraGroups = { 331 extraGroups = {
353 network = {}; 332 network = {};
354 media = {
355 members = [ "uucp" "media" ];
356 };
357 }; 333 };
358 }; 334 };
359 335
@@ -460,13 +436,6 @@
460 }; 436 };
461 437
462 systemd.automounts = [ 438 systemd.automounts = [
463 {
464 where = "/run/media/var/media";
465 automountConfig = {
466 DirectoryMode = "700";
467 };
468 wantedBy = [ "local-fs.target" ];
469 }
470 { 439 {
471 where = "/media"; 440 where = "/media";
472 automountConfig = { 441 automountConfig = {
@@ -478,15 +447,6 @@
478 ]; 447 ];
479 448
480 systemd.mounts = [ 449 systemd.mounts = [
481 { enable = true;
482 where = "/run/media/var/media";
483 what = "/var/media";
484 type = "none";
485 options = "bind";
486 mountConfig = {
487 DirectoryMode = "700";
488 };
489 }
490 { 450 {
491 after = [ "network-online.target" ]; 451 after = [ "network-online.target" ];
492 bindsTo = [ "network-online.target" ]; 452 bindsTo = [ "network-online.target" ];