diff options
-rw-r--r-- | hel.nix | 40 |
1 files changed, 0 insertions, 40 deletions
@@ -142,17 +142,6 @@ | |||
142 | 142 | ||
143 | openssh = { | 143 | openssh = { |
144 | enable = true; | 144 | enable = true; |
145 | extraConfig = '' | ||
146 | Match User media | ||
147 | ForceCommand internal-sftp | ||
148 | PermitTTY no | ||
149 | AllowTcpForwarding no | ||
150 | AllowStreamLocalForwarding no | ||
151 | X11Forwarding no | ||
152 | AllowAgentForwarding no | ||
153 | ChrootDirectory /run/%u | ||
154 | AuthorizedKeysFile /etc/ssh/authorized_keys.d/%u | ||
155 | ''; | ||
156 | }; | 145 | }; |
157 | 146 | ||
158 | atd = { | 147 | atd = { |
@@ -334,16 +323,6 @@ | |||
334 | 323 | ||
335 | extraUsers.gkleen.extraGroups = [ "media" "networkmanager" "docker" ]; | 324 | extraUsers.gkleen.extraGroups = [ "media" "networkmanager" "docker" ]; |
336 | 325 | ||
337 | extraUsers.media = { | ||
338 | group = "media"; | ||
339 | home = "/var/media"; | ||
340 | isSystemUser = true; | ||
341 | openssh.authorizedKeys.keyFiles = [ | ||
342 | ./users/keys/gkleen-media-hel.pub | ||
343 | ]; | ||
344 | useDefaultShell = true; | ||
345 | }; | ||
346 | |||
347 | extraUsers.postfix_ssh = { | 326 | extraUsers.postfix_ssh = { |
348 | isSystemUser = true; | 327 | isSystemUser = true; |
349 | home = "/var/db/postfix_ssh"; | 328 | home = "/var/db/postfix_ssh"; |
@@ -351,9 +330,6 @@ | |||
351 | 330 | ||
352 | extraGroups = { | 331 | extraGroups = { |
353 | network = {}; | 332 | network = {}; |
354 | media = { | ||
355 | members = [ "uucp" "media" ]; | ||
356 | }; | ||
357 | }; | 333 | }; |
358 | }; | 334 | }; |
359 | 335 | ||
@@ -460,13 +436,6 @@ | |||
460 | }; | 436 | }; |
461 | 437 | ||
462 | systemd.automounts = [ | 438 | systemd.automounts = [ |
463 | { | ||
464 | where = "/run/media/var/media"; | ||
465 | automountConfig = { | ||
466 | DirectoryMode = "700"; | ||
467 | }; | ||
468 | wantedBy = [ "local-fs.target" ]; | ||
469 | } | ||
470 | { | 439 | { |
471 | where = "/media"; | 440 | where = "/media"; |
472 | automountConfig = { | 441 | automountConfig = { |
@@ -478,15 +447,6 @@ | |||
478 | ]; | 447 | ]; |
479 | 448 | ||
480 | systemd.mounts = [ | 449 | systemd.mounts = [ |
481 | { enable = true; | ||
482 | where = "/run/media/var/media"; | ||
483 | what = "/var/media"; | ||
484 | type = "none"; | ||
485 | options = "bind"; | ||
486 | mountConfig = { | ||
487 | DirectoryMode = "700"; | ||
488 | }; | ||
489 | } | ||
490 | { | 450 | { |
491 | after = [ "network-online.target" ]; | 451 | after = [ "network-online.target" ]; |
492 | bindsTo = [ "network-online.target" ]; | 452 | bindsTo = [ "network-online.target" ]; |