summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2019-12-02 01:27:22 +0100
committermakefu <github@syntax-fehler.de>2020-01-05 22:16:09 +0100
commit25c98596737ed085cc6297572c521434526bcc4e (patch)
tree1138d3c9d660d1b307bc3656ba417f990ea65396
parent02a134b019d00b94c29beaf6ce1fdf30dcec93dd (diff)
tv im: add mosh support
-rw-r--r--tv/3modules/im.nix35
1 files changed, 30 insertions, 5 deletions
diff --git a/tv/3modules/im.nix b/tv/3modules/im.nix
index 830c4baef..905b7803b 100644
--- a/tv/3modules/im.nix
+++ b/tv/3modules/im.nix
@@ -29,6 +29,9 @@ in {
default = config.krebs.hosts.nomic;
type = lib.types.host;
};
+ tv.im.server.mosh.enable = lib.mkEnableOption "tv.im.server.mosh" // {
+ default = true;
+ };
tv.im.server.user = lib.mkOption {
default = config.krebs.users.tv;
type = lib.types.user;
@@ -38,11 +41,18 @@ in {
(lib.mkIf im.client.enable {
users.users.${im.client.user.name}.packages = [
(pkgs.writeDashBin "im" ''
- exec ${pkgs.openssh}/bin/ssh \
- ${lib.optionalString im.client.useIPv6 "-6"} \
- ${im.server.user.name}@${lib.head im.server.host.nets.retiolum.aliases} \
- -t \
- im
+ ${if im.server.mosh.enable then /* sh */ ''
+ exec ${pkgs.mosh}/bin/mosh \
+ ${lib.optionalString im.client.useIPv6 "-6"} \
+ ${im.server.user.name}@${lib.head im.server.host.nets.retiolum.aliases} \
+ env TERM=${im.client.term} im
+ '' else /* sh */ ''
+ exec ${pkgs.openssh}/bin/ssh \
+ ${lib.optionalString im.client.useIPv6 "-6"} \
+ ${im.server.user.name}@${lib.head im.server.host.nets.retiolum.aliases} \
+ -t \
+ im
+ ''}
'')
];
})
@@ -54,6 +64,7 @@ in {
];
};
users.users.${im.server.user.name}.packages = [
+ pkgs.mosh
(pkgs.writeDashBin "im" ''
export PATH=${lib.makeSearchPath "bin" [
pkgs.tmux
@@ -68,5 +79,19 @@ in {
'')
];
})
+ (lib.mkIf im.server.mosh.enable {
+ krebs.setuid.utempter = {
+ filename = "${pkgs.libutempter}/lib/utempter/utempter";
+ owner = "nobody";
+ group = "utmp";
+ mode = "2111";
+ };
+ tv.iptables.extra4.filter.Retiolum = [
+ "-s ${im.client.host.nets.retiolum.ip4.addr} -p udp --dport 60000:61000 -j ACCEPT"
+ ];
+ tv.iptables.extra6.filter.Retiolum = [
+ "-s ${im.client.host.nets.retiolum.ip6.addr} -p udp --dport 60000:61000 -j ACCEPT"
+ ];
+ })
];
}