diff options
| -rw-r--r-- | custom/uucp.nix | 104 | ||||
| -rw-r--r-- | ymir.nix | 20 |
2 files changed, 124 insertions, 0 deletions
diff --git a/custom/uucp.nix b/custom/uucp.nix new file mode 100644 index 00000000..0b199776 --- /dev/null +++ b/custom/uucp.nix | |||
| @@ -0,0 +1,104 @@ | |||
| 1 | { config, lib, pkgs, ... }: | ||
| 2 | |||
| 3 | rec { | ||
| 4 | options = { | ||
| 5 | services.uucp = { | ||
| 6 | enable = mkOption { | ||
| 7 | type = types.bool; | ||
| 8 | default = false; | ||
| 9 | description = '' | ||
| 10 | If enabled we set up an account accesible via uucp over ssh | ||
| 11 | ''; | ||
| 12 | }; | ||
| 13 | |||
| 14 | sshUser = mkOption { | ||
| 15 | type = types.unspecified; | ||
| 16 | default = { | ||
| 17 | name = "uucp"; | ||
| 18 | isSystemUser = true; | ||
| 19 | isNormalUser = false; | ||
| 20 | createHome = true; | ||
| 21 | home = "/var/spool/uucp"; | ||
| 22 | description = "User for uucp over ssh"; | ||
| 23 | }; | ||
| 24 | description = "The local uucp linux-user"; | ||
| 25 | }; | ||
| 26 | |||
| 27 | sshConfig = mkOption { | ||
| 28 | type = types.str; | ||
| 29 | description = "~uucp/.ssh/config"; | ||
| 30 | }; | ||
| 31 | |||
| 32 | remoteNodes = mkOption { | ||
| 33 | types = types.listOf types.str; | ||
| 34 | default = []; | ||
| 35 | description = "List of ports to set up. You will probably need to configure these in sshConfig"; | ||
| 36 | }; | ||
| 37 | |||
| 38 | spoolDir = mkOption { | ||
| 39 | types = types.path; | ||
| 40 | default = "/var/spool/uucp"; | ||
| 41 | description = "Spool directory"; | ||
| 42 | }; | ||
| 43 | |||
| 44 | lockDir = mkOption { | ||
| 45 | types = types.path; | ||
| 46 | default = "/var/spool/uucp"; | ||
| 47 | description = "Lock directory"; | ||
| 48 | }; | ||
| 49 | |||
| 50 | pubDir = mkOption { | ||
| 51 | types = types.path; | ||
| 52 | default = "/var/spool/uucppublic"; | ||
| 53 | description = "Public directory"; | ||
| 54 | }; | ||
| 55 | |||
| 56 | logFile = mkOption { | ||
| 57 | types = types.path; | ||
| 58 | default = "/var/log/uucp"; | ||
| 59 | description = "Log file"; | ||
| 60 | }; | ||
| 61 | |||
| 62 | statFile = mkOption { | ||
| 63 | types = types.path; | ||
| 64 | default = "/var/log/uucp.stat"; | ||
| 65 | description = "Statistics file"; | ||
| 66 | }; | ||
| 67 | |||
| 68 | debugFile = mkOption { | ||
| 69 | types = types.path; | ||
| 70 | default = "/var/log/uucp.debug"; | ||
| 71 | description = "Debug file"; | ||
| 72 | }; | ||
| 73 | |||
| 74 | extraConfig = mkOption { | ||
| 75 | type = types.string; | ||
| 76 | default = ""; | ||
| 77 | description = "Extra configuration to append verbatim to `/etc/uucp/config'"; | ||
| 78 | }; | ||
| 79 | }; | ||
| 80 | }; | ||
| 81 | |||
| 82 | config = { | ||
| 83 | environment.etc."uucp/config" = { | ||
| 84 | enable = config.services.uucp.enable; | ||
| 85 | text = '' | ||
| 86 | spool ${config.services.uucp.spoolDir} | ||
| 87 | lockdir ${config.services.uucp.lockDir} | ||
| 88 | pubdir ${config.services.uucp.pubDir} | ||
| 89 | logfile ${config.services.uucp.logFile} | ||
| 90 | statfile ${config.services.uucp.statFile} | ||
| 91 | debugfile ${config.services.uucp.debugFile} | ||
| 92 | |||
| 93 | ${config.services.uucp.extraConfig} | ||
| 94 | ''; | ||
| 95 | }; | ||
| 96 | |||
| 97 | users.users."uucp" = optional config.services.uucp.enable config.services.uucp.sshUser; | ||
| 98 | |||
| 99 | system.activationScripts."uucp-sshconfig" = optional config.services.uucp.enable '' | ||
| 100 | mkdir -p ${users.users."uucp".home}/.ssh | ||
| 101 | cp ${builtins.toFile "ssh-config" config.services.uucp.sshConfig} ${users.users."uucp".home}/.ssh/config | ||
| 102 | ''; | ||
| 103 | }; | ||
| 104 | } | ||
| @@ -21,6 +21,7 @@ in rec { | |||
| 21 | ./users.nix | 21 | ./users.nix |
| 22 | ./custom/tinc/def.nix | 22 | ./custom/tinc/def.nix |
| 23 | ./custom/ymir-nginx.nix | 23 | ./custom/ymir-nginx.nix |
| 24 | ./custom/uucp.nix | ||
| 24 | ]; | 25 | ]; |
| 25 | 26 | ||
| 26 | boot.loader.grub = { | 27 | boot.loader.grub = { |
| @@ -85,6 +86,7 @@ in rec { | |||
| 85 | rsync | 86 | rsync |
| 86 | tmux | 87 | tmux |
| 87 | zsh | 88 | zsh |
| 89 | uucp | ||
| 88 | ]; | 90 | ]; |
| 89 | 91 | ||
| 90 | networking = { | 92 | networking = { |
| @@ -315,7 +317,21 @@ in rec { | |||
| 315 | #enable TLS logging to see the ciphers for outbound connections | 317 | #enable TLS logging to see the ciphers for outbound connections |
| 316 | smtp_tls_loglevel = 1 | 318 | smtp_tls_loglevel = 1 |
| 317 | ''; | 319 | ''; |
| 320 | extraMasterConf = '' | ||
| 321 | uucp unix - n n - - pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) | ||
| 322 | ''; | ||
| 323 | }; | ||
| 324 | users.extraUsers."uucp" = { | ||
| 325 | createHome = true; | ||
| 326 | home = "/var/spool/uucp"; | ||
| 327 | isSystemUser = true; | ||
| 328 | isNormalUser = false; | ||
| 329 | openssh.authorizedKeys.keyFiles = [ | ||
| 330 | users/keys/gkleen-skadhi.pub | ||
| 331 | users/keys/gkleen-vali.pub | ||
| 332 | ]; | ||
| 318 | }; | 333 | }; |
| 334 | environment.etc."/etc/uucp/call" | ||
| 319 | 335 | ||
| 320 | security.acme = { | 336 | security.acme = { |
| 321 | certs = { | 337 | certs = { |
| @@ -333,4 +349,8 @@ in rec { | |||
| 333 | }; | 349 | }; |
| 334 | }; | 350 | }; |
| 335 | }; | 351 | }; |
| 352 | |||
| 353 | services.uucp = { | ||
| 354 | enable = true; | ||
| 355 | }; | ||
| 336 | } | 356 | } |