stockholm/makefu/2configs/share-user-sftp.nix

{ config, ... }:

{
  users.users = {
    share = {
      uid = 9002;
      home = "/var/empty";
      openssh.authorizedKeys.keys = [ config.krebs.users.makefu.pubkey ];
    };
  };
  # we will use internal-sftp to make uncomplicated Chroot work
  services.openssh.extraConfig = ''
    Match User share
      ChrootDirectory /media
      ForceCommand internal-sftp
      AllowTcpForwarding no
      PermitTunnel no
      X11Forwarding no
    Match All
  '';
}
ma 1 omo: use sftp share 2016-01-14 11:42:52 +00:00			`{ config, ... }:`

			`{`
			`users.users = {`
			`share = {`
			`uid = 9002;`
			`home = "/var/empty";`
			`openssh.authorizedKeys.keys = [ config.krebs.users.makefu.pubkey ];`
			`};`
			`};`
			`# we will use internal-sftp to make uncomplicated Chroot work`
			`services.openssh.extraConfig = ''`
			`Match User share`
			`ChrootDirectory /media`
			`ForceCommand internal-sftp`
			`AllowTcpForwarding no`
			`PermitTunnel no`
			`X11Forwarding no`
			`Match All`
			`'';`
			`}`