summaryrefslogtreecommitdiffstats
path: root/krebs/3modules
diff options
context:
space:
mode:
Diffstat (limited to 'krebs/3modules')
-rw-r--r--krebs/3modules/ergo.nix53
-rw-r--r--krebs/3modules/external/default.nix4
-rw-r--r--krebs/3modules/external/mic92.nix2
-rw-r--r--krebs/3modules/external/ssh/kmein.pub3
-rw-r--r--krebs/3modules/krebs/default.nix1
5 files changed, 55 insertions, 8 deletions
diff --git a/krebs/3modules/ergo.nix b/krebs/3modules/ergo.nix
index 0ce0345d8..3153e4cfc 100644
--- a/krebs/3modules/ergo.nix
+++ b/krebs/3modules/ergo.nix
@@ -6,6 +6,7 @@
type = (pkgs.formats.json {}).type;
description = ''
Ergo IRC daemon configuration file.
+ https://raw.githubusercontent.com/ergochat/ergo/master/default.yaml
'';
default = {
network = {
@@ -34,19 +35,34 @@
};
};
datastore = {
+ autoupgrade = true;
path = "/var/lib/ergo/ircd.db";
};
accounts = {
authentication-enabled = true;
registration = {
enabled = true;
- email-verification = {
- enabled = false;
+ allow-before-connect = true;
+ throttling = {
+ enabled = true;
+ duration = "10m";
+ max-attempts = 30;
};
+ bcrypt-cost = 4;
+ email-verification.enabled = false;
+ };
+ multiclient = {
+ enabled = true;
+ allowed-by-default = true;
+ always-on = "opt-in";
+ auto-away = "opt-in";
};
};
channels = {
- default-modes = "+nt";
+ default-modes = "+ntC";
+ registration = {
+ enabled = true;
+ };
};
limits = {
nicklen = 32;
@@ -56,6 +72,31 @@
kicklen = 390;
topiclen = 390;
};
+ history = {
+ enabled = true;
+ channel-length = 2048;
+ client-length = 256;
+ autoresize-window = "3d";
+ autoreplay-on-join = 0;
+ chathistory-maxmessages = 100;
+ znc-maxmessages = 2048;
+ restrictions = {
+ expire-time = "1w";
+ query-cutoff = "none";
+ grace-period = "1h";
+ };
+ retention = {
+ allow-individual-delete = false;
+ enable-account-indexing = false;
+ };
+ tagmsg-storage = {
+ default = false;
+ whitelist = [
+ "+draft/react"
+ "+react"
+ ];
+ };
+ };
};
};
};
@@ -64,13 +105,17 @@
cfg = config.krebs.ergo;
configFile = pkgs.writeJSON "ergo.conf" cfg.config;
in lib.mkIf cfg.enable ({
+ environment.etc."ergo.yaml".source = configFile;
krebs.ergo.config =
lib.mapAttrsRecursive (_: lib.mkDefault) options.krebs.ergo.config.default;
systemd.services.ergo = {
description = "Ergo IRC daemon";
wantedBy = [ "multi-user.target" ];
+ reloadIfChanged = true;
+ restartTriggers = [ configFile ];
serviceConfig = {
- ExecStart = "${pkgs.ergo}/bin/ergo run --conf ${configFile}";
+ ExecStart = "${pkgs.ergo}/bin/ergo run --conf /etc/ergo.yaml";
+ ExecReload = "${pkgs.util-linux}/bin/kill -HUP $MAINPID";
DynamicUser = true;
StateDirectory = "ergo";
};
diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix
index 4a87c3501..4c4e53f2f 100644
--- a/krebs/3modules/external/default.nix
+++ b/krebs/3modules/external/default.nix
@@ -253,12 +253,12 @@ in {
};
};
- pinpox-ahorn = {
+ ahorn = {
owner = config.krebs.users.pinpox;
nets = {
retiolum = {
ip4.addr = "10.243.100.100";
- aliases = [ "pinpox-ahorn.r" ];
+ aliases = [ "ahorn.r" ];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAyfCuWUYEqp4vEt+a6DRvFpIrBu+GlkpNs/mE4OHzATQLNnWooOXQ
diff --git a/krebs/3modules/external/mic92.nix b/krebs/3modules/external/mic92.nix
index b1e11b452..9a3c855f4 100644
--- a/krebs/3modules/external/mic92.nix
+++ b/krebs/3modules/external/mic92.nix
@@ -173,7 +173,7 @@ in {
};
retiolum = {
via = internet;
- aliases = [ "eve.r" ];
+ aliases = [ "eve.r" "tts.r" ];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAw5cxGjnWCG8dcuhTddvGHzH0/VjxHA5V8qJXH2R5k8ki8dsM5FRH
diff --git a/krebs/3modules/external/ssh/kmein.pub b/krebs/3modules/external/ssh/kmein.pub
index 5711a2c1c..8eade3498 100644
--- a/krebs/3modules/external/ssh/kmein.pub
+++ b/krebs/3modules/external/ssh/kmein.pub
@@ -1 +1,2 @@
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC19H0FhSNWcfBRPKzbTVSMJikIWZl0CoM8zCm+/3fdMgoaLRpeZWe/AfDK6b4qOjk/sez/J0JUFCGr+JbMwjsduoazsuQowu9L9DLP9Q5UkJje4BD7MHznaeu9/XfVng/MvyaEWArA/VUJeKQesHe76tR511/+n3+bdzlIh8Zw/3wfFxmg1OTNA99/vLkXrQzHDTuV/yj1pxykL4xFtN0OIssW1IKncJeKtkO/OHGT55ypz52Daj6bNKqvxiTuzeEhv5M+5ppyIPcRf1uj/7IaPKttCgZAntEqBTIR9MbyXFeAZVayzaFnLl2okeam5XreeZbj+Y1h2ZjxiIuWoab3MLndSekVfLtfa63gtcWIf8CIvZO2wJoH8v73y0U78JsfWVaTM09ZCfFlHHA/bWqZ6laAjW+mWLO/c77DcYkB3IBzaMVNfc6mfTcGFIC+biWeYpKgA0zC6rByUPbmbIoMueP9zqJwqUaM90Nwd6559inBB107/BK3Ktb3b+37mMCstetIPB9e4EFpGMjhmnL/G81jS53ACWLXJYzt7mKU/fEsiW93MtaB+Le46OEC18y/4G8F7p/nnH7i0kO74ukxbnc4PlpiM7iWT6ra2Cyy+nzEgdXCNXywIxr05TbCQDwX6/NY8k7Hokgdfyz+1Pq3sX0yCcWRPaoB26YF12KYFQ== kieran.meinhardt@gmail.com
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDyTnGhFq0Q+vghNhrqNrAyY+CsN7nNz8bPfiwIwNpjk
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOiQEc8rTr7C7xVLYV7tQ99BDDBLrJsy5hslxtCEatkB
diff --git a/krebs/3modules/krebs/default.nix b/krebs/3modules/krebs/default.nix
index 1b5d903cb..5e0e69924 100644
--- a/krebs/3modules/krebs/default.nix
+++ b/krebs/3modules/krebs/default.nix
@@ -92,6 +92,7 @@ in {
h5ZUzfd1r1pTzQ0nYD5aRtlDd7zP7y5tUwIDAQAB
-----END RSA PUBLIC KEY-----
'';
+ tinc.pubkey_ed25519 = "ugy/sGReVro3YzjDuroV/5hdeBdqD18no9dMhTy9DYL";
};
};
ssh.privkey.path = <secrets/ssh.id_ed25519>;