diff options
author | tv <tv@krebsco.de> | 2021-12-22 23:33:05 +0100 |
---|---|---|
committer | tv <tv@krebsco.de> | 2021-12-22 23:33:05 +0100 |
commit | 448cd3b9af9e39980676f8ade7e5fb80dbb58b9f (patch) | |
tree | ad3b7ccfb7107b0053ad2a80cbc2dd97a018e7a6 /makefu/2configs/dcpp/hub.nix | |
parent | 2656cbf2a91f1f350e29e2ee2faa0bbe90f9b717 (diff) | |
parent | 576c05cf3a0ceddefa29c2d0073108177c3cfa52 (diff) |
Merge remote-tracking branch 'prism/master'
Diffstat (limited to 'makefu/2configs/dcpp/hub.nix')
-rw-r--r-- | makefu/2configs/dcpp/hub.nix | 15 |
1 files changed, 9 insertions, 6 deletions
diff --git a/makefu/2configs/dcpp/hub.nix b/makefu/2configs/dcpp/hub.nix index b8ca49b74..5a88f5ef8 100644 --- a/makefu/2configs/dcpp/hub.nix +++ b/makefu/2configs/dcpp/hub.nix @@ -63,8 +63,11 @@ in { networking.firewall.extraCommands = '' iptables -A PREROUTING -t nat -i ${ext-if} -p tcp --dport 411 -j REDIRECT --to-port 1511 ''; - systemd.services.uhub.serviceConfig = { + systemd.services.uhub-home.serviceConfig = { PrivateTmp = true; + DynamicUser = lib.mkForce false; + User = "uhub"; + WorkingDirectory = uhubDir; PermissionsStartOnly = true; ExecStartPre = pkgs.writeDash "uhub-pre" '' cp -f ${toString <secrets/wildcard.krebsco.de.crt>} ${uhubDir}/uhub.crt @@ -86,6 +89,7 @@ in { group = "uhub"; }; users.groups.uhub = {}; + services.uhub.home = { enable = true; enableTLS = true; @@ -103,13 +107,12 @@ in { } { plugin = "${pkgs.uhub}/plugins/mod_welcome.so"; - settings.motd = "shareit"; - settings.rules = "1. Don't be an asshole"; + settings.motd = toString (pkgs.writeText "motd" "shareit"); + settings.rules = toString (pkgs.writeText "rules" "1. Don't be an asshole"); } { - plugin = "${pkgs.uhub}/plugins/mod_history.so"; - settings.motd = "shareit"; - settings.rules = "1. Don't be an asshole"; + plugin = "${pkgs.uhub}/plugins/mod_chat_history.so"; + settings = {}; } ]; }; |