summaryrefslogtreecommitdiffstats
path: root/lass/2configs
diff options
context:
space:
mode:
Diffstat (limited to 'lass/2configs')
-rw-r--r--lass/2configs/c-base.nix4
-rw-r--r--lass/2configs/websites/domsen.nix34
-rw-r--r--lass/2configs/websites/fritz.nix2
-rw-r--r--lass/2configs/websites/lassulus.nix2
-rw-r--r--lass/2configs/websites/wohnprojekt-rhh.de.nix2
5 files changed, 8 insertions, 36 deletions
diff --git a/lass/2configs/c-base.nix b/lass/2configs/c-base.nix
index 9295fd9ef..3e533fb74 100644
--- a/lass/2configs/c-base.nix
+++ b/lass/2configs/c-base.nix
@@ -16,6 +16,10 @@ in {
users.extraGroups.cbasevpn.gid = genid "cbasevpn";
+ environment.systemPackages = [
+ pkgs.cifs-utils
+ ];
+
services.openvpn.servers = {
c-base = {
config = ''
diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix
index 3a3e60d39..18c771fad 100644
--- a/lass/2configs/websites/domsen.nix
+++ b/lass/2configs/websites/domsen.nix
@@ -2,7 +2,7 @@
let
- inherit (import <stockholm/krebs/4lib> { config = {}; inherit lib; })
+ inherit (import <stockholm/lib>)
genid
genid_signed
;
@@ -22,25 +22,6 @@ let
exec ${pkgs.msmtp}/bin/msmtp --read-envelope-from -C ${msmtprc} "$@"
'';
- check-password = pkgs.writeDash "check-password" ''
- read pw
-
- file="/home/$PAM_USER/.shadow"
-
- #check if shadow file exists
- test -e "$file" || exit 123
-
- hash="$(${pkgs.coreutils}/bin/head -1 $file)"
- salt="$(echo $hash | ${pkgs.gnused}/bin/sed 's/.*\$\(.*\)\$.*/\1/')"
-
- calc_hash="$(echo "$pw" | ${pkgs.mkpasswd}/bin/mkpasswd -m sha-512 -S $salt)"
- if [ "$calc_hash" == $hash ]; then
- exit 0
- else
- exit 1
- fi
- '';
-
in {
imports = [
./sqlBackup.nix
@@ -164,19 +145,6 @@ in {
{ predicate = "-p tcp --dport 465"; target = "ACCEPT"; }
];
- security.pam.services.exim.text = ''
- auth required pam_env.so
- auth sufficient pam_exec.so debug expose_authtok ${check-password}
- auth sufficient pam_unix.so likeauth nullok
- auth required pam_deny.so
- account required pam_unix.so
- password required pam_cracklib.so retry=3 type=
- password sufficient pam_unix.so nullok use_authtok md5shadow
- password required pam_deny.so
- session required pam_limits.so
- session required pam_unix.so
- '';
-
krebs.exim-smarthost = {
authenticators.PLAIN = ''
driver = plaintext
diff --git a/lass/2configs/websites/fritz.nix b/lass/2configs/websites/fritz.nix
index 48d96b1bf..d93d310da 100644
--- a/lass/2configs/websites/fritz.nix
+++ b/lass/2configs/websites/fritz.nix
@@ -2,7 +2,7 @@
with lib;
let
- inherit (import <stockholm/krebs/4lib> { config = {}; inherit lib; })
+ inherit (import <stockholm/lib>)
genid
head
;
diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix
index 04c19fad0..b8342e148 100644
--- a/lass/2configs/websites/lassulus.nix
+++ b/lass/2configs/websites/lassulus.nix
@@ -2,7 +2,7 @@
with lib;
let
- inherit (import <stockholm/krebs/4lib> { config = {}; inherit lib; })
+ inherit (import <stockholm/lib>)
genid
;
diff --git a/lass/2configs/websites/wohnprojekt-rhh.de.nix b/lass/2configs/websites/wohnprojekt-rhh.de.nix
index fb1a58109..0c409ca87 100644
--- a/lass/2configs/websites/wohnprojekt-rhh.de.nix
+++ b/lass/2configs/websites/wohnprojekt-rhh.de.nix
@@ -1,7 +1,7 @@
{ config, pkgs, lib, ... }:
let
- inherit (import <stockholm/krebs/4lib> { config = {}; inherit lib; })
+ inherit (import <stockholm/lib>)
genid
;
inherit (import <stockholm/lass/2configs/websites/util.nix> {inherit lib pkgs;})