cluster/services/irc: add oper configuration

This commit is contained in:
Max Headroom 2022-09-18 23:37:50 +02:00
parent 1ffd88cfe3
commit fc845158d8

View file

@ -9,6 +9,7 @@ let
linkSecure = cluster.config.links.ircSecure;
otherServers = map mkServer cluster.config.services.irc.otherNodes.host;
otherServerFiles = map (builtins.toFile "ngircd-peer.conf") otherServers;
opers = map mkOper [ "max" "num" "ark" ];
mkServer = name: ''
[Server]
@ -20,6 +21,14 @@ let
SSLConnect = yes
Passive = no
'';
# oper password is irrelevant, mask ensures security thanks to PAM
mkOper = name: ''
[Operator]
Name = ${name}
Password = please
Mask = *!${name}@*
'';
serverName = "${subDomain}.irc.${domain}";
cert = config.security.acme.certs."${serverName}";
@ -51,6 +60,10 @@ in {
MorePrivacy = yes
PAM = yes
PAMIsOptional = yes
OperCanUseMode = yes
OperChanPAutoOp = yes
${builtins.concatStringsSep "\n" opers}
'';
};
networking.firewall.allowedTCPPorts = [