philipp/nixpkgs
1
0
Fork 0
Code Issues Pull requests Projects Releases Activity
nixpkgs/modules/services/networking/vsftpd.nix
Eelco Dolstra e91d882a94 * Converted modules that were still using the old (concrete syntax) 
style of declaring Upstart jobs.  While at it, converted them to the
  current NixOS module style and improved some option descriptions.
  Hopefully I didn't break too much :-)

svn path=/nixos/trunk/; revision=17761
2009-10-12 16:36:19 +00:00

136 lines
3.3 KiB
Nix
Raw Blame History

{ config, pkgs, ... }:
with pkgs.lib;
let
cfg = config.services.vsftpd;
inherit (pkgs) vsftpd;
yesNoOption = p : name :
"${name}=${if p then "YES" else "NO"}";
in
{
###### interface
options = {
services.vsftpd = {
enable = mkOption {
default = false;
description = "Whether to enable the vsftpd FTP server.";
};
anonymousUser = mkOption {
default = false;
description = "Whether to enable the anonymous FTP user.";
};
anonymousUserHome = mkOption {
default = "/home/ftp";
description = "Path to anonymous user data.";
};
localUsers = mkOption {
default = false;
description = "Whether to enable FTP for local users.";
};
writeEnable = mkOption {
default = false;
description = "Whether any write activity is permitted to users.";
};
anonymousUploadEnable = mkOption {
default = false;
description = "Whether any uploads are permitted to anonymous users.";
};
anonymousMkdirEnable = mkOption {
default = false;
description = "Whether mkdir is permitted to anonymous users.";
};
chrootlocalUser = mkOption {
default = false;
description = "Whether local users are confined to their home directory.";
};
userlistEnable = mkOption {
default = false;
description = "Whether users are included.";
};
userlistDeny = mkOption {
default = false;
description = "Whether users are excluded.";
};
};
};
###### implementation
config = mkIf cfg.enable {
users.extraUsers =
[ { name = "vsftpd";
uid = config.ids.uids.vsftpd;
description = "VSFTPD user";
home = "/homeless-shelter";
}
] ++ pkgs.lib.optional cfg.anonymousUser
{ name = "ftp";
uid = config.ids.uids.ftp;
group = "ftp";
description = "Anonymous FTP user";
home = cfg.anonymousUserHome;
};
users.extraGroups = singleton
{ name = "ftp";
gid = config.ids.gids.ftp;
};
jobAttrs.vsftpd =
{ description = "vsftpd server";
startOn = "network-interfaces/started";
stopOn = "network-interfaces/stop";
preStart =
''
# !!! Why isn't this generated in the normal way?
cat > /etc/vsftpd.conf <<EOF
${yesNoOption cfg.anonymousUser "anonymous_enable"}
${yesNoOption cfg.localUsers "local_enable"}
${yesNoOption cfg.writeEnable "write_enable"}
${yesNoOption cfg.anonymousUploadEnable "anon_upload_enable"}
${yesNoOption cfg.anonymousMkdirEnable "anon_mkdir_write_enable"}
${yesNoOption cfg.chrootlocalUser "chroot_local_user"}
${yesNoOption cfg.userlistEnable "userlist_enable"}
${yesNoOption cfg.userlistDeny "userlist_deny"}
background=NO
listen=YES
nopriv_user=vsftpd
secure_chroot_dir=/var/ftp/empty
EOF
mkdir -p ${cfg.anonymousUserHome}
chown -R ftp:ftp ${cfg.anonymousUserHome}
'';
exec = "${vsftpd}/sbin/vsftpd /etc/vsftpd.conf";
};
};
}
Reference in a new issue View git blame Copy permalink