From 1ffd88cfe3812dc0566fc97dbda36199a3d504cd Mon Sep 17 00:00:00 2001 From: Max Date: Sun, 18 Sep 2022 23:05:03 +0200 Subject: [PATCH] cluster/services/irc: add PAM configuration --- cluster/services/irc/irc-host.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/cluster/services/irc/irc-host.nix b/cluster/services/irc/irc-host.nix index b301303..3d26f8e 100644 --- a/cluster/services/irc/irc-host.nix +++ b/cluster/services/irc/irc-host.nix @@ -67,6 +67,12 @@ in { reloadServices = [ "ngircd" ]; extraDomainNames = [ "irc.${domain}" ]; }; + security.pam.services.ngircd = { + text = '' + # verify IRC users via SSSD + auth required ${pkgs.sssd}/lib/security/pam_sss.so + ''; + }; age.secrets = { inherit (vars) ircPeerKey; }; systemd.services.ngircd = { after = [ "acme-finished-${serverName}.target" "dhparams-gen-ngircd.service" ];