config = lib.mkIf config.services.pure-ftpd.enable {
services.duplyBackup.profiles.ftp = {
rootDir = "/var/lib/ftp";
+ remotes = [ "eriomem" "ovh" ];
};
security.acme.certs."ftp" = config.myServices.certificates.certConfig // {
domain = "eldiron.immae.eu";
};
};
- users.users = [
- {
- name = "ftp";
- uid = config.ids.uids.ftp; # 8
- group = "ftp";
- description = "Anonymous FTP user";
- home = "/homeless-shelter";
- extraGroups = [ "keys" ];
- }
- ];
+ users.users.ftp = {
+ uid = config.ids.uids.ftp; # 8
+ group = "ftp";
+ description = "Anonymous FTP user";
+ home = "/homeless-shelter";
+ extraGroups = [ "keys" ];
+ };
users.groups.ftp.gid = config.ids.gids.ftp;
install -m 0755 -o ftp -g ftp -d /var/lib/ftp
'';
- secrets.keys = [{
- dest = "pure-ftpd-ldap";
+ secrets.keys."pure-ftpd-ldap" = {
permissions = "0400";
user = "ftp";
group = "ftp";
# Compile dans pure-ftpd directement avec immaeFtpUid / immaeFtpGid
LDAPHomeDir immaeFtpDirectory
'';
- }];
+ };
services.filesWatcher.pure-ftpd = {
restart = true;
- paths = [ "/var/secrets/pure-ftpd-ldap" ];
+ paths = [ config.secrets.fullPaths."pure-ftpd-ldap" ];
};
systemd.services.pure-ftpd = let
SyslogFacility ftp
DontResolve yes
MaxIdleTime 15
- LDAPConfigFile /var/secrets/pure-ftpd-ldap
+ LDAPConfigFile ${config.secrets.fullPaths."pure-ftpd-ldap"}
LimitRecursion 10000 8
AnonymousCanCreateDirs no
MaxLoad 4
projects / perso / Immae / Config / Nix.git / blobdiff