From db80207267dd750d6e5fce0a4c15961aa324627b Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Wed, 16 Dec 2020 16:10:08 +0100
Subject: ma anon-sftp: init

---
 makefu/2configs/share/anon-sftp.nix | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)
 create mode 100644 makefu/2configs/share/anon-sftp.nix

(limited to 'makefu/2configs/share/anon-sftp.nix')

diff --git a/makefu/2configs/share/anon-sftp.nix b/makefu/2configs/share/anon-sftp.nix
new file mode 100644
index 00000000..7cde9317
--- /dev/null
+++ b/makefu/2configs/share/anon-sftp.nix
@@ -0,0 +1,25 @@
+{ config, lib, pkgs, ... }:
+
+with import <stockholm/lib>;
+{
+  services.openssh = {
+    allowSFTP = true;
+    sftpFlags = [ "-l VERBOSE" ];
+    extraConfig = ''
+      Match User anonymous
+        ForceCommand internal-sftp
+        AllowTcpForwarding no
+        X11Forwarding no
+        PasswordAuthentication no
+    '';
+  };
+
+  users.users.anonymous = {
+    uid = genid "anonymous";
+    useDefaultShell = false;
+    password = "anonymous";
+    home = "/media/anon";
+    createHome = true;
+  };
+
+}
-- 
cgit v1.2.3