-{ lib, pkgs, config, myconfig, ... }:
+{ lib, pkgs, config, ... }:
let
package = pkgs.pure-ftpd.override { ldapFtpId = "immaeFtp"; };
in
config = lib.mkIf config.services.pure-ftpd.enable {
services.duplyBackup.profiles.ftp = {
rootDir = "/var/lib/ftp";
+ remotes = [ "eriomem" "ovh" ];
};
security.acme.certs."ftp" = config.myServices.certificates.certConfig // {
domain = "eldiron.immae.eu";
};
};
- users.users = [
- {
- name = "ftp";
- uid = config.ids.uids.ftp; # 8
- group = "ftp";
- description = "Anonymous FTP user";
- home = "/homeless-shelter";
- extraGroups = [ "keys" ];
- }
- ];
+ users.users.ftp = {
+ uid = config.ids.uids.ftp; # 8
+ group = "ftp";
+ description = "Anonymous FTP user";
+ home = "/homeless-shelter";
+ extraGroups = [ "keys" ];
+ };
users.groups.ftp.gid = config.ids.gids.ftp;
user = "ftp";
group = "ftp";
text = ''
- LDAPServer ${myconfig.env.ftp.ldap.host}
+ LDAPServer ${config.myEnv.ftp.ldap.host}
LDAPPort 389
LDAPUseTLS True
- LDAPBaseDN ${myconfig.env.ftp.ldap.base}
- LDAPBindDN ${myconfig.env.ftp.ldap.dn}
- LDAPBindPW ${myconfig.env.ftp.ldap.password}
+ LDAPBaseDN ${config.myEnv.ftp.ldap.base}
+ LDAPBindDN ${config.myEnv.ftp.ldap.dn}
+ LDAPBindPW ${config.myEnv.ftp.ldap.password}
LDAPDefaultUID 500
LDAPForceDefaultUID False
LDAPDefaultGID 100
LDAPForceDefaultGID False
- LDAPFilter ${myconfig.env.ftp.ldap.filter}
+ LDAPFilter ${config.myEnv.ftp.ldap.filter}
LDAPAuthMethod BIND
MaxDiskUsage 99
CustomerProof yes
TLS 1
- CertFile ${config.security.acme.directory}/ftp/full.pem
+ CertFile ${config.security.acme.certs.ftp.directory}/full.pem
'';
in {
description = "Pure-FTPd server";
projects / perso / Immae / Config / Nix.git / blobdiff