From 3dc4d23ab478dcedb44021ecf5c8d4e5b1c32def Mon Sep 17 00:00:00 2001
From: Gregor Kleen
Date: Wed, 27 Apr 2016 11:39:56 +0200
Subject: first shot at uucp
---
 custom/uucp.nix | 104 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 ymir.nix | 20 +++++++++++
 2 files changed, 124 insertions(+)
 create mode 100644 custom/uucp.nix
diff --git a/custom/uucp.nix b/custom/uucp.nix
new file mode 100644
index 00000000..0b199776
--- /dev/null
+++ b/custom/uucp.nix
@@ -0,0 +1,104 @@
+{ config, lib, pkgs, ... }:
+
+rec {
+ options = {
+ services.uucp = {
+ enable = mkOption {
+ type = types.bool;
+ default = false;
+ description = ''
+ If enabled we set up an account accesible via uucp over ssh
+ '';
+ };
+
+ sshUser = mkOption {
+ type = types.unspecified;
+ default = {
+ name = "uucp";
+ isSystemUser = true;
+ isNormalUser = false;
+ createHome = true;
+ home = "/var/spool/uucp";
+ description = "User for uucp over ssh";
+ };
+ description = "The local uucp linux-user";
+ };
+
+ sshConfig = mkOption {
+ type = types.str;
+ description = "~uucp/.ssh/config";
+ };
+
+ remoteNodes = mkOption {
+ types = types.listOf types.str;
+ default = [];
+ description = "List of ports to set up. You will probably need to configure these in sshConfig";
+ };
+
+ spoolDir = mkOption {
+ types = types.path;
+ default = "/var/spool/uucp";
+ description = "Spool directory";
+ };
+
+ lockDir = mkOption {
+ types = types.path;
+ default = "/var/spool/uucp";
+ description = "Lock directory";
+ };
+
+ pubDir = mkOption {
+ types = types.path;
+ default = "/var/spool/uucppublic";
+ description = "Public directory";
+ };
+
+ logFile = mkOption {
+ types = types.path;
+ default = "/var/log/uucp";
+ description = "Log file";
+ };
+
+ statFile = mkOption {
+ types = types.path;
+ default = "/var/log/uucp.stat";
+ description = "Statistics file";
+ };
+
+ debugFile = mkOption {
+ types = types.path;
+ default = "/var/log/uucp.debug";
+ description = "Debug file";
+ };
+
+ extraConfig = mkOption {
+ type = types.string;
+ default = "";
+ description = "Extra configuration to append verbatim to `/etc/uucp/config'";
+ };
+ };
+ };
+
+ config = {
+ environment.etc."uucp/config" = {
+ enable = config.services.uucp.enable;
+ text = ''
+ spool ${config.services.uucp.spoolDir}
+ lockdir ${config.services.uucp.lockDir}
+ pubdir ${config.services.uucp.pubDir}
+ logfile ${config.services.uucp.logFile}
+ statfile ${config.services.uucp.statFile}
+ debugfile
${config.services.uucp.debugFile} + + ${config.services.uucp.extraConfig} + ''; + }; + + users.users."uucp" = optional config.services.uucp.enable config.services.uucp.sshUser; + + system.activationScripts."uucp-sshconfig" = optional config.services.uucp.enable '' + mkdir -p ${users.users."uucp".home}/.ssh + cp ${builtins.toFile "ssh-config" config.services.uucp.sshConfig} ${users.users."uucp".home}/.ssh/config + ''; + }; +} diff --git a/ymir.nix b/ymir.nix index 8a17cfe4..7895a859 100644 --- a/ymir.nix +++ b/ymir.nix @@ -21,6 +21,7 @@ in rec { ./users.nix ./custom/tinc/def.nix ./custom/ymir-nginx.nix + ./custom/uucp.nix ]; boot.loader.grub = { @@ -85,6 +86,7 @@ in rec { rsync tmux zsh + uucp ]; networking = { @@ -315,7 +317,21 @@ in rec { #enable TLS logging to see the ciphers for outbound connections smtp_tls_loglevel = 1 ''; + extraMasterConf = '' + uucp unix - n n - - pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) + ''; + }; + users.extraUsers."uucp" = { + createHome = true; + home = "/var/spool/uucp"; + isSystemUser = true; + isNormalUser = false; + openssh.authorizedKeys.keyFiles = [ + users/keys/gkleen-skadhi.pub + users/keys/gkleen-vali.pub + ]; }; + environment.etc."/etc/uucp/call" security.acme = { certs = { @@ -333,4 +349,8 @@ in rec { }; }; }; + + services.uucp = { + enable = true; + }; } -- cgit v1.2.3
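Review bot: custom/uucp.nix cannot evaluate as added: `mkOption`, `types` and `optional` are used with no `with lib;` (or `lib.` prefix) after the argument line, the seven options from `remoteNodes` to `debugFile` spell the argument `types =` instead of `type =`, `users.users."uucp".home` in the activation script is unbound, and inside the `rec` set the name `config` refers to the module's own `config` attribute rather than the function argument. `optional` also returns a list, where `users.users."uucp"` expects an attribute set and the activation script a string, so `mkIf` is the fitting conditional. Once the module does evaluate, note that `sshConfig` passes through `builtins.toFile` into the world-readable Nix store, so it should carry nothing sensitive, and that ymir.nix declares the same `uucp` account a second time, so the user definition should live in one place. A sketch of the corrected `config` half follows.

```nix
{ config, lib, pkgs, ... }:

with lib;

let
  cfg = config.services.uucp;
in {
  # … unchanged: options (with `types =` corrected to `type =`) …

  config = mkIf cfg.enable {
    # … unchanged: environment.etc."uucp/config" text (its `enable =` line is no longer needed) …

    users.users."uucp" = cfg.sshUser;

    system.activationScripts."uucp-sshconfig" = ''
      mkdir -p ${config.users.users."uucp".home}/.ssh
      cp ${builtins.toFile "ssh-config" cfg.sshConfig} ${config.users.users."uucp".home}/.ssh/config
    '';
  };
}
```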
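Review bot: In the third ymir.nix hunk the added line `environment.etc."/etc/uucp/call"` has no `= …;` and is followed directly by `security.acme = {`, so the file will not parse as committed; the key also repeats the `/etc/` prefix that `environment.etc` already implies. If this entry is meant to become the UUCP `call` file holding remote login credentials, generating it from `environment.etc` text would put those credentials in the world-readable Nix store, so it is better provisioned outside the store with mode 0600 and owner `uucp`. The two public keys on `users.extraUsers."uucp"` are installed with no visible restriction; unless the key files themselves carry options, pin them to the UUCP daemon via `openssh.authorizedKeys.keys` entries of the form `command="<uucico invocation>",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-… <key>`. This user block duplicates the `sshUser` default in custom/uucp.nix, and the `services.postfix` set that the added `};` closes starts outside the hunk.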