ctucx.git: nixfiles

machines/lollo/scanner-sftp -> machines/briefkasten/scanner-sftp

diff --git a/machines/briefkasten/configuration.nix b/machines/briefkasten/configuration.nix
@@ -16,6 +16,8 @@
 
     # cal- and card-dav server
     ./radicale.nix
+
+    ./scanner-sftp.nix
   ];
 
   networking.usePBBUplink = true;

diff --git a/machines/briefkasten/scanner-sftp.nix b/machines/briefkasten/scanner-sftp.nix
@@ -0,0 +1,45 @@
+{ pkgs, ... }:
+
+{
+
+  environment.persistence."/nix/persist".directories = [ "/ads1700w" ];
+
+  users.users.ads1700w = {
+    isNormalUser = true;
+    createHome   = false;
+    shell        = "${pkgs.coreutils}/bin/false";
+    homeMode     = "770";
+    openssh.authorizedKeys.keys = [
+      "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDb2eZ2ymt+Zsf0eTlmjW2jPdS013lbde1+EGkgu6bz9lVTR8aawshF2HcoaWp5a5dJr3SKyihDM8hbWSYB3qyTHihNGyCArqSvAtZRw301ailRVHGqiwUITTfcg1533TtmWvlJZgOIFM1VvSAfdueDRRRzbygmn749fS9nhUTDzLtjqX5LvhpqhzsD+eOqPrV6Ne8E1e42JxQb5AJPY1gj9mk6eAarvtEHQYEe+/hp9ERjtCdN5DfuOJnqfaKS0ytPj/NbQskbX/TMgeUVio11iC2NbXsnAtzMmtbLX4mxlDQrR6aZmU/rHQ4aeJqI/Tj2rrF46icri7s0tnnit1OjT5PSxXgifcOtn06qoxYZMT1x+Dyrt40vNkGmxmxCnirm8B+6MKXgd/Ys+7tnOm1ht8TmLm96x6KdOiF3Zq/tMxhPAzp8JriTKSo7k7U9XxStFghTbhhBNc7OX89ZbpalLEnvbQiz87gZxhcx8cLvzIjslOHmZOSWC5Pgr4wwuj3Akq63i4ya6/BzM6v4UoBuDAB6fz3NHKL4R5X20la7Pvt7OBysQkGClWfj6ipMR1bFE2mfYtlMioXNgTjC+NCpEl1+81MH7dv2565Hk8CLV8FMxv6GujbAZGjjcM47lpWM1cBQvpBMUA/lLkyiCPK0YxNWAB7Co+jYDl6CR0Ubew== cardno:6445161"
+      "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDP/DrM0GxPUf6nSAb/p4vXQQF1uZ8y7Ah/A5kKpBCE/WEuGp9TYFW/Iy7/Y7vN2jKoaJkDYTrjjYIJA0kY1v5KUfdBJDK0aR5paGfqoHau2ee2GgOdInhrmlrUvOR8jCj0kwCHZKgEdmkH6Tj4yRYw3GGjuOZbA/r2VECSk/4+bY7JyrdYbURrnVNA9Lar9YOoA5PBxTKXEsk4OkXny0XVTlyan5K2335O/qJfViyjwwdoWUJwCJ/FtJD6sSO6uEYe6X8DT3iHPnNP5So3CWUxwKfgOWCS6g43ysSpLJO68jyjNJjhVqAvyjCfOlCceitDGTZHay5LLdHe+jz+U9aT root@BR5CF370B9359C"
+    ];
+  };
+
+  services.openssh = {
+    macs = [
+      "hmac-sha2-512-etm@openssh.com" "hmac-sha2-256-etm@openssh.com" "umac-128-etm@openssh.com" "hmac-sha2-512" "hmac-sha2-256" "umac-128@openssh.com"
+      # needed by scanner
+      "hmac-sha1"
+    ];
+
+    kexAlgorithms = [
+      "sntrup761x25519-sha512@openssh.com" "curve25519-sha256" "curve25519-sha256@libssh.org" "diffie-hellman-group-exchange-sha256"
+      # needed by scanner
+      "diffie-hellman-group-exchange-sha1"
+    ];
+
+    extraConfig = ''
+      PubkeyAcceptedKeyTypes=+ssh-rsa
+      HostKeyAlgorithms=+ssh-rsa
+
+      Match User ads1700w
+        ChrootDirectory /ads1700w
+        X11Forwarding no
+        AllowAgentForwarding no
+        AllowTcpForwarding no
+        PermitTunnel no
+        ForceCommand internal-sftp
+    '';
+  };
+
+}

diff --git a/machines/lollo/configuration.nix b/machines/lollo/configuration.nix
@@ -9,8 +9,6 @@
 
     ./hardware-configuration.nix
 
-    ./scanner-sftp.nix
-
     #dns server
     ./bind.nix
 

diff --git a/machines/lollo/scanner-sftp.nix b/machines/lollo/scanner-sftp.nix
@@ -1,44 +0,0 @@
-{ pkgs, ... }:
-
-{
-
-  environment.persistence."/nix/persist".directories = [ "/ads1700w" ];
-
-  users.users.ads1700w = {
-    isNormalUser = true;
-    createHome   = false;
-    shell        = "${pkgs.coreutils}/bin/false";
-    homeMode     = "770";
-    openssh.authorizedKeys.keys = [
-      "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDb2eZ2ymt+Zsf0eTlmjW2jPdS013lbde1+EGkgu6bz9lVTR8aawshF2HcoaWp5a5dJr3SKyihDM8hbWSYB3qyTHihNGyCArqSvAtZRw301ailRVHGqiwUITTfcg1533TtmWvlJZgOIFM1VvSAfdueDRRRzbygmn749fS9nhUTDzLtjqX5LvhpqhzsD+eOqPrV6Ne8E1e42JxQb5AJPY1gj9mk6eAarvtEHQYEe+/hp9ERjtCdN5DfuOJnqfaKS0ytPj/NbQskbX/TMgeUVio11iC2NbXsnAtzMmtbLX4mxlDQrR6aZmU/rHQ4aeJqI/Tj2rrF46icri7s0tnnit1OjT5PSxXgifcOtn06qoxYZMT1x+Dyrt40vNkGmxmxCnirm8B+6MKXgd/Ys+7tnOm1ht8TmLm96x6KdOiF3Zq/tMxhPAzp8JriTKSo7k7U9XxStFghTbhhBNc7OX89ZbpalLEnvbQiz87gZxhcx8cLvzIjslOHmZOSWC5Pgr4wwuj3Akq63i4ya6/BzM6v4UoBuDAB6fz3NHKL4R5X20la7Pvt7OBysQkGClWfj6ipMR1bFE2mfYtlMioXNgTjC+NCpEl1+81MH7dv2565Hk8CLV8FMxv6GujbAZGjjcM47lpWM1cBQvpBMUA/lLkyiCPK0YxNWAB7Co+jYDl6CR0Ubew== cardno:6445161"
-      "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDP/DrM0GxPUf6nSAb/p4vXQQF1uZ8y7Ah/A5kKpBCE/WEuGp9TYFW/Iy7/Y7vN2jKoaJkDYTrjjYIJA0kY1v5KUfdBJDK0aR5paGfqoHau2ee2GgOdInhrmlrUvOR8jCj0kwCHZKgEdmkH6Tj4yRYw3GGjuOZbA/r2VECSk/4+bY7JyrdYbURrnVNA9Lar9YOoA5PBxTKXEsk4OkXny0XVTlyan5K2335O/qJfViyjwwdoWUJwCJ/FtJD6sSO6uEYe6X8DT3iHPnNP5So3CWUxwKfgOWCS6g43ysSpLJO68jyjNJjhVqAvyjCfOlCceitDGTZHay5LLdHe+jz+U9aT root@BR5CF370B9359C"
-    ];
-  };
-
-  services.openssh = {
-    macs = [
-      "hmac-sha2-512-etm@openssh.com" "hmac-sha2-256-etm@openssh.com" "umac-128-etm@openssh.com" "hmac-sha2-512" "hmac-sha2-256" "umac-128@openssh.com"
-      # needed by scanner
-      "hmac-sha1"
-    ];
-
-    kexAlgorithms = [
-      "sntrup761x25519-sha512@openssh.com" "curve25519-sha256" "curve25519-sha256@libssh.org" "diffie-hellman-group-exchange-sha256"
-      # needed by scanner
-      "diffie-hellman-group-exchange-sha1"
-    ];
-
-    extraConfig = ''
-      PubkeyAcceptedKeyTypes=+ssh-rsa
-      HostKeyAlgorithms=+ssh-rsa
-
-      Match User ads1700w
-        ChrootDirectory /ads1700w
-        X11Forwarding no
-        AllowAgentForwarding no
-        AllowTcpForwarding no
-        PermitTunnel no
-        ForceCommand internal-sftp
-    '';
-  };
-}