]>
Commit | Line | Data |
---|---|---|
1 | { lib, pkgs, config, ... }: | |
2 | { | |
3 | options = { | |
4 | myServices.pub.enable = lib.mkOption { | |
5 | type = lib.types.bool; | |
6 | default = false; | |
7 | description = '' | |
8 | Whether to enable pub user. | |
9 | ''; | |
10 | }; | |
11 | }; | |
12 | ||
13 | config = lib.mkIf config.myServices.pub.enable { | |
14 | myServices.chatonsProperties.services.vm-like = { | |
15 | file.datetime = "2022-08-22T01:00:00"; | |
16 | service = { | |
17 | name = "Comptes shell"; | |
18 | description = "Compte shell cloisonné"; | |
19 | logo = "https://www.openssh.com/favicon.ico"; | |
20 | website = "pub.immae.eu"; | |
21 | status.level = "OK"; | |
22 | status.description = "OK"; | |
23 | registration."" = ["MEMBER" "CLIENT"]; | |
24 | registration.load = "OPEN"; | |
25 | install.type = "PACKAGE"; | |
26 | }; | |
27 | software = { | |
28 | name = "Openssh"; | |
29 | website = "https://www.openssh.com/"; | |
30 | license.url = "https://github.com/openssh/openssh-portable/blob/master/LICENCE"; | |
31 | license.name = "BSD Licence"; | |
32 | version = pkgs.openssh.version; | |
33 | source.url = "https://github.com/openssh/openssh-portable"; | |
34 | }; | |
35 | }; | |
36 | myServices.ssh.modules = [{ | |
37 | snippet = builtins.readFile ./ldap_pub.sh; | |
38 | dependencies = [ pkgs.coreutils ]; | |
39 | }]; | |
40 | users.users.pub = let | |
41 | restrict = pkgs.runCommand "restrict" { | |
42 | file = ./restrict; | |
43 | buildInputs = [ pkgs.makeWrapper ]; | |
44 | } '' | |
45 | mkdir -p $out/bin | |
46 | cp $file $out/bin/restrict | |
47 | chmod a+x $out/bin/restrict | |
48 | patchShebangs $out/bin/restrict | |
49 | wrapProgram $out/bin/restrict \ | |
50 | --prefix PATH : ${lib.makeBinPath [ pkgs.bubblewrap pkgs.rrsync ]} \ | |
51 | --set TMUX_RESTRICT ${./tmux.restrict.conf} | |
52 | ''; | |
53 | purple-hangouts = pkgs.purple-hangouts.overrideAttrs(old: { | |
54 | installPhase = '' | |
55 | install -Dm755 -t $out/lib/purple-2/ libhangouts.so | |
56 | for size in 16 22 24 48; do | |
57 | install -TDm644 hangouts$size.png $out/share/pixmaps/pidgin/protocols/$size/hangouts.png | |
58 | done | |
59 | ''; | |
60 | }); | |
61 | in { | |
62 | createHome = true; | |
63 | description = "Restricted shell user"; | |
64 | home = "/var/lib/pub"; | |
65 | uid = config.myEnv.users.pub.uid; | |
66 | isNormalUser = true; | |
67 | group = "nogroup"; | |
68 | useDefaultShell = true; | |
69 | packages = [ | |
70 | restrict | |
71 | pkgs.tmux | |
72 | (pkgs.pidgin.override { plugins = [ | |
73 | pkgs.purple-plugin-pack purple-hangouts | |
74 | pkgs.purple-discord pkgs.purple-facebook | |
75 | pkgs.telegram-purple | |
76 | ]; }) | |
77 | ]; | |
78 | }; | |
79 | }; | |
80 | } |