remove unmaintained services
This commit is contained in:
parent
9932e4dfda
commit
6582eea5df
@ -86,9 +86,8 @@
|
||||
openssh.authorizedKeys.keyFiles = [ config.secrets.publicKeys.fazo];
|
||||
};
|
||||
|
||||
# Runs two chatbots
|
||||
# User
|
||||
meme = {
|
||||
extraGroups = [ "ubino" "miguelbridge" ];
|
||||
isNormalUser = true;
|
||||
shell = pkgs.fish;
|
||||
openssh.authorizedKeys.keyFiles = [ config.secrets.publicKeys.meme ];
|
||||
@ -134,30 +133,8 @@
|
||||
enable = true;
|
||||
# Users don't have a password
|
||||
wheelNeedsPassword = false;
|
||||
extraConfig =
|
||||
let
|
||||
path = "/run/current-system/sw/bin";
|
||||
journal = name: "${path}/journalctl -* ${name}";
|
||||
services = lib.concatMapStringsSep "," (name: "${journal name}");
|
||||
in ''
|
||||
# Allow meme to see his logs.
|
||||
Cmnd_Alias MEME_UNITS = ${services ["ubino" "miguelbridge"]}
|
||||
meme ALL=(root) NOPASSWD: MEME_UNITS
|
||||
'';
|
||||
};
|
||||
|
||||
security.polkit.extraConfig = ''
|
||||
// Allow meme to manage his services.
|
||||
polkit.addRule(function(action, subject) {
|
||||
if (action.id == "org.freedesktop.systemd1.manage-units" &&
|
||||
subject.user == "meme" &&
|
||||
(action.lookup("unit") == "ubino.service" ||
|
||||
action.lookup("unit") == "miguelbridge.service")) {
|
||||
return polkit.Result.YES;
|
||||
}
|
||||
});
|
||||
'';
|
||||
|
||||
security.pam.loginLimits = [
|
||||
# Limit user process to stop fork bombs
|
||||
{ domain = "@users";
|
||||
@ -431,8 +408,6 @@
|
||||
];
|
||||
|
||||
### Misc. services
|
||||
services.ubino.enable = true;
|
||||
services.miguelbridge.enable = true;
|
||||
services.asjon.enable = true;
|
||||
|
||||
# Needed for the Asjon memory module
|
||||
|
@ -7,8 +7,6 @@
|
||||
[ # Misc. system services
|
||||
./modules/breve.nix
|
||||
./modules/asjon.nix
|
||||
./modules/ubino.nix
|
||||
./modules/miguelbridge.nix
|
||||
|
||||
# Safely handle secrets
|
||||
./modules/secrets-store.nix
|
||||
|
@ -1,52 +0,0 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.miguelbridge;
|
||||
|
||||
in {
|
||||
|
||||
options.services.miguelbridge = {
|
||||
enable = mkEnableOption "miguelbridge: Bridge Telegram - Matrix.";
|
||||
|
||||
user = mkOption {
|
||||
type = types.str;
|
||||
default = "miguelbridge";
|
||||
description = ''
|
||||
miguelbridge will be run under this user (user will be created if it doesn't exist.
|
||||
This can be your user name).
|
||||
'';
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
users.groups.miguelbridge = {};
|
||||
|
||||
users.extraUsers."${cfg.user}" = {
|
||||
isSystemUser = true;
|
||||
group = "miguelbridge";
|
||||
description = "miguelbridge user";
|
||||
};
|
||||
|
||||
systemd.services.miguelbridge = {
|
||||
description = "miguelbridge: Bridge Telegram - Matrix";
|
||||
after = [ "network.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
serviceConfig = {
|
||||
User = cfg.user;
|
||||
Group = "miguelbridge";
|
||||
ExecStart = "${pkgs.openjdk}/bin/java -jar MiguelBridge.jar";
|
||||
Restart = "always";
|
||||
StateDirectory = "miguelbridge";
|
||||
WorkingDirectory = "%S/miguelbridge";
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
}
|
@ -1,52 +0,0 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.ubino;
|
||||
|
||||
in {
|
||||
|
||||
options.services.ubino = {
|
||||
enable = mkEnableOption "Ubino: assistente virtuale di Ube, sottoforma di bot di Telegram.";
|
||||
|
||||
user = mkOption {
|
||||
type = types.str;
|
||||
default = "ubino";
|
||||
description = ''
|
||||
Ubino will be run under this user (user will be created if it doesn't exist.
|
||||
This can be your user name).
|
||||
'';
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
users.groups.ubino = {};
|
||||
|
||||
users.extraUsers."${cfg.user}" = {
|
||||
isSystemUser = true;
|
||||
group = "ubino";
|
||||
description = "Ubino user";
|
||||
};
|
||||
|
||||
systemd.services.ubino = {
|
||||
description = "Ubino: assistente virtuale di Ube, sottoforma di bot di Telegram.";
|
||||
after = [ "network.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
serviceConfig = {
|
||||
User = cfg.user;
|
||||
Group = "ubino";
|
||||
ExecStart = "${pkgs.openjdk}/bin/java -jar UbinoBot.jar";
|
||||
Restart = "always";
|
||||
StateDirectory = "ubino";
|
||||
WorkingDirectory = "%S/ubino";
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
}
|
Loading…
Reference in New Issue
Block a user