1 files changed, 15 insertions, 5 deletions

diff --git a/custom/uucp.nix b/custom/uucp.nix
index 8490ca4f..afaf8508 100644
--- a/custom/uucp.nix
+++ b/custom/uucp.nix
@@ -17,6 +17,9 @@ let
     chat ""
     protocol e
   '';
+  permissions = set: name: let commands = set."${name}"; in ''
+    MACHINE=${name} COMMANDS=${concatStringsSep ":" commands}
+  '';
 in {
   options = {
     services.uucp = {
@@ -47,9 +50,13 @@ in {
       };
 
       remoteNodes = mkOption {
-        type = types.listOf types.str;
-        default = [];
-        description = "List of ports to set up. You will probably need to configure these in sshConfig";
+        type = types.attrsOf (types.listOf str);
+        default = {};
+        description = ''
+          Ports to set up
+          Names will probably need to be configured in sshConfig
+          Values are permitted commands
+        '';
       };
 
       spoolDir = mkOption {
@@ -146,10 +153,13 @@ in {
         port ssh
         type stdin
         protocol e
-      '' + concatStringsSep "\n" (map portSpec config.services.uucp.remoteNodes);
+      '' + concatStringsSep "\n" (map portSpec (builtins.attrNames config.services.uucp.remoteNodes));
     };
     environment.etc."uucp/sys" = {
-      text = concatStringsSep "\n" (map sysSpec config.services.uucp.remoteNodes);
+      text = concatStringsSep "\n" (map sysSpec (builtins.attrNames config.services.uucp.remoteNodes));
+    };
+    environment.etc."uucp/Permissions" = {
+      text = concatStringsSep "\n" (map (permissions config.services.uucp.remoteNodes) (builtins.attrNames config.services.uucp.remoteNodes));
     };
 
     security.setuidOwners = map (p: {program = p; owner = "root"; group = "root"; setuid = true; setgid = false;}) ["uucico" "uuxqt" "cu" "uucp" "uuname" "uustat" "uux"];