X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=modules%2Fprivate%2Fftp.nix;h=e3c1f7041589c1d6f4320bf54758cfb0a5e3971f;hb=ab8f306d7c2c49b8116e1af7b355ed2384617ed9;hp=ada5f416bed9ca0d82a68c72883986d48491fe57;hpb=fe696f35f5e0789d4bc448bca4bbaf93d1182175;p=perso%2FImmae%2FConfig%2FNix.git diff --git a/modules/private/ftp.nix b/modules/private/ftp.nix index ada5f41..e3c1f70 100644 --- a/modules/private/ftp.nix +++ b/modules/private/ftp.nix @@ -1,4 +1,4 @@ -{ lib, pkgs, config, myconfig, ... }: +{ lib, pkgs, config, ... }: let package = pkgs.pure-ftpd.override { ldapFtpId = "immaeFtp"; }; in @@ -14,7 +14,10 @@ in }; config = lib.mkIf config.services.pure-ftpd.enable { - security.acme.certs."ftp" = config.services.myCertificates.certConfig // { + services.duplyBackup.profiles.ftp = { + rootDir = "/var/lib/ftp"; + }; + security.acme.certs."ftp" = config.myServices.certificates.certConfig // { domain = "eldiron.immae.eu"; postRun = '' systemctl restart pure-ftpd.service @@ -52,17 +55,17 @@ in user = "ftp"; group = "ftp"; text = '' - LDAPServer ${myconfig.env.ftp.ldap.host} + LDAPServer ${config.myEnv.ftp.ldap.host} LDAPPort 389 LDAPUseTLS True - LDAPBaseDN ${myconfig.env.ftp.ldap.base} - LDAPBindDN ${myconfig.env.ftp.ldap.dn} - LDAPBindPW ${myconfig.env.ftp.ldap.password} + LDAPBaseDN ${config.myEnv.ftp.ldap.base} + LDAPBindDN ${config.myEnv.ftp.ldap.dn} + LDAPBindPW ${config.myEnv.ftp.ldap.password} LDAPDefaultUID 500 LDAPForceDefaultUID False LDAPDefaultGID 100 LDAPForceDefaultGID False - LDAPFilter ${myconfig.env.ftp.ldap.filter} + LDAPFilter ${config.myEnv.ftp.ldap.filter} LDAPAuthMethod BIND @@ -72,6 +75,11 @@ in ''; }]; + services.filesWatcher.pure-ftpd = { + restart = true; + paths = [ "/var/secrets/pure-ftpd-ldap" ]; + }; + systemd.services.pure-ftpd = let configFile = pkgs.writeText "pure-ftpd.conf" '' PassivePortRange 40000 50000