cluster/services/irc: add oper configuration
This commit is contained in:
parent
1ffd88cfe3
commit
fc845158d8
1 changed files with 13 additions and 0 deletions
|
@ -9,6 +9,7 @@ let
|
|||
linkSecure = cluster.config.links.ircSecure;
|
||||
otherServers = map mkServer cluster.config.services.irc.otherNodes.host;
|
||||
otherServerFiles = map (builtins.toFile "ngircd-peer.conf") otherServers;
|
||||
opers = map mkOper [ "max" "num" "ark" ];
|
||||
|
||||
mkServer = name: ''
|
||||
[Server]
|
||||
|
@ -20,6 +21,14 @@ let
|
|||
SSLConnect = yes
|
||||
Passive = no
|
||||
'';
|
||||
|
||||
# oper password is irrelevant, mask ensures security thanks to PAM
|
||||
mkOper = name: ''
|
||||
[Operator]
|
||||
Name = ${name}
|
||||
Password = please
|
||||
Mask = *!${name}@*
|
||||
'';
|
||||
|
||||
serverName = "${subDomain}.irc.${domain}";
|
||||
cert = config.security.acme.certs."${serverName}";
|
||||
|
@ -51,6 +60,10 @@ in {
|
|||
MorePrivacy = yes
|
||||
PAM = yes
|
||||
PAMIsOptional = yes
|
||||
OperCanUseMode = yes
|
||||
OperChanPAutoOp = yes
|
||||
|
||||
${builtins.concatStringsSep "\n" opers}
|
||||
'';
|
||||
};
|
||||
networking.firewall.allowedTCPPorts = [
|
||||
|
|
Loading…
Reference in a new issue