ftp: sftp working

This commit is contained in:
polygon - 2022-07-16 21:50:55 +02:00
parent fe8f3d3abb
commit 7cec5e2734
2 changed files with 28 additions and 5 deletions

View File

@ -24,6 +24,15 @@
firewall.allowedTCPPorts = [ 80 443 ];
};
users.groups."ftpupload" = { };
users.users."ftpupload" = {
home = "/home/ftpupload";
group = "ftpupload";
openssh.authorizedKeys.keyFiles = [ ./ftpupload.authorized_keys ];
isNormalUser = true;
};
services.nginx = {
enable = true;
recommendedOptimisation = true;
@ -32,6 +41,7 @@
recommendedProxySettings = true;
sslDhparam = "${config.security.dhparams.params."nginx".path}";
defaultListenAddresses = [ "0.0.0.0" ];
additionalModules = [ pkgs.nginxModules.fancyindex ];
};
services.nginx.virtualHosts."ftp.c3d2.de" = {
@ -40,7 +50,11 @@
forceSSL = true;
locations."/" = {
root = "/var/www/ftp.c3d2.de";
extraConfig = "autoindex on;";
extraConfig = ''
fancyindex on;
fancyindex_exact_size off;
fancyindex_css_href /.theme/style.css;
'';
};
};
@ -50,7 +64,16 @@
params."nginx".bits = 4096;
};
services.openssh.enable = true;
services.openssh = {
enable = true;
extraConfig = ''
Match User ftpupload
X11Forwarding no
ChrootDirectory /var/www
AllowTcpForwarding no
ForceCommand internal-sftp
'';
};
sops = {
age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];

View File

@ -8,9 +8,6 @@ ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDVUwVI5GeeQxOnC8/zvNfbSG1AXHaAP1CAZFs5fWX8
ssh-dss AAAAB3NzaC1kc3MAAACBAK2RIsOqOdQNlgbVObGB9L1/h6/Ki3VxdnjpWLBKfDyak1rXEdLppWgZ9GXxJr0h/ymM0/GUn0DLdAgGqUDUyQgUZmgHyIsIvU7+1CIX+XEjnCfKEXEK7uJyhkP5p30ZIN+dnwyq4lxlPhv4gGAibJYKuBu7+Eu9RGtX38gM3b7/AAAAFQDPIDUmXvh1vu1cSTtfZe4evWtwXwAAAIBFDTEsuH+sy9OcZlchxpxkWk8IGtjr0V9GDw+FVTMXuLodKwKYToxeOUF67bUIpWLWeRLBi+LnvsdfsrFlA3XFnlszAxxTC7OFw2BD2nEX1XDGM+ao/NjJc2KXV+cfVPCdQU8tiDlEqZmuu1TKR5Ig6IJBYQUYl88d9ngN8JrzbAAAAIBNRgeW6mhwtXsKuQaTUaCyKwn8gkwwb2u1+yx7QDllASfjQDr8c5KqPH5xyJ7KKLhU1Ut4nkxTBgtw297ihYWQyQvCFtZMxoIjJU05hOcGsccBRJkLxx5JUWxNdLHUo3z7dssibKamf83zLmJqlkaSAT/YCt3ttxDbZL9Ql6vptg== klobs@bronchitis.local
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAxaN5WcZWIfnAdBfosFHPmI8wzC9n2vH85VhCUadR2SdQO/T0x4TfYMYVEKoAufQraSXzzZ9QIcy7l7AMENvrAQTpuj7xIoXdIXTre696Vsp6xFsKyjNmRdBS2yTKNfGGWVg94qvMebWEf/SdGIu55d3OjFb1qxyuazpVufiEH6HBBx4FiIuMSV5IlNYpCj6bTYfpEip1P6ni8nUnHbc7YapBzDCwSHaanbD9RCLj78yZK3iduJMoIkJvD5FvkqQitebI+IqtUSowz61VLyefw7ttFT5OC2WqRI6Yi068KWfD10bfrSmDhXABAPDECkwM5t3V/wdA7gfyk9dD7cjdSQ== klobs@glaukom.local
# Astro
ssh-dss AAAAB3NzaC1kc3MAAAIBAPxPPvWvNkFgKQHXs97RcJpH0Rv79ohC3BV38jAWzM7aWUq+8DB0WWzBSIDQc5TqUrj0USIgOnUo/me69aNOxN3dd4ltGgm+825lHhfblxYMWK8W+xVh+LgDCONJXIM7rV50dmLeHYtuqDzcLP3vt0SgPJXtFz7ByaUGYc7ScTEMhoJ0OJ5dz9JR4U5Wh0awsCU0VzF+9FpFvIC7EgBxwXxEIBm0nIJSee/iMN1PbOnh7mnktrBNuIY4VM0S639YNPwqcUhKwpEqT+X1OI4YyVj7MCw1wpgDHHzFCrdMgPza1w6rqj9QYxnvMyP2SgxJfAheukowgWkEVIoriW+20aOQmLB/xa6wUHjtZgVQTRgOD4LVpwa6rb2cq5MQ22skVA+7vEj60JBvWJASyodUggCBs2CHpWBSGgntL0f41TMqbd7zgS38dl+Na+s9d0L32DuCUc+Gx3NoCwLR0X6nkD5MVOJFKtChamtkw3iZtdh7oC7OZpPZCniMsa6wupW81y3Mb1jk0ilOgte/Oge/gT6Zd5zQzxW7t1mJBvPRJu/niufMKDBCit1WTGvcrggcu8ir8xVwSxkn2d4LCg+qHyk6I7dpItVW8IqQJY3as/wcE8dy5LRDkd11UWkKVIQzppHDxCLmpIpCBlkz9B8cDYtKQOb9E0P7qH29qg75cAfpAAAAFQDrJhZUe3Z5Riw2zNfzDUcErjp8bwAAAgBSR9ZDZrPrkgCOEsYpr62nVwwufazOT53XuwjdbZ8S1xEWWg7VL0igad7i/GMPefzBUfOfnByheCKJbK3ZMAK2Ehf3vIzvq/6kWdeSheu4ic2HfmcETjCDsFpu3RBLXGYIhyWfvgRvx2Mipy+PSXcRukguQu53cnoznQapjNiu6GT5Y5ohlG1s52rwLnhcfDKQAAyOcm1fZ4xPBZHfie01TWP0MlLSgRBLIlaek/Glw/VT9FioW+dJFX90Bsa0jeDRSt4hl8CA8syTrK2xUcQdOoh8jmzpJ8zrS+9+qcjK85J+gRZHZn+/om1poPQZ/QVi7wm6GBuTMB/ne7NoxTxWN2HihTq/GAN8dmtp2YZ5fKYVMHxfquFXajpI7/Na7yAarqp5/ahl8u2MA6br2c0eZXUBSrmk6+Yg75Pn7ejdVe92TLJJxH6L0FWWluZpCeNbDi9Yeps9LEiGVMgN0XZz0V/GMkIH+G8uoWqW74Z5SckOSlcMzeNCfHz2jX0556R16FTEnQjxGBYWk4eOKLxnQh6RcMdUU6BtvvWomx3IWt0pnrnyGVIxfKFb0Y3yVGa6QX6cTw8x0qrnI1gRYNwSgx9g6BHJQxaro05KXiV3dKmiWIszXshKKtzvFJKjhhB6EUAYKo3ZejTps9PyyGBt5E9fn3Q6LrWtE3VRgmWQgAAAAgEAghQi/qzuSxirxgLaej/4Hk4gr/iCu7bkeP0kwaMoWksSn0+tEvsa87ZBRnVm0GWprigotQobM9dSoUzWyULifLGhx4Vohck+Wh6eIkDIHq/Ls7zpvrHynkJNDFWx55pMSYi3SJEKpQQtUGNcsAjZEBA2XJn2ovhmzWR6nbqdpSmEQTh/ejbq0+tmHOKIQi0WX2MKAIfj2+53fVqlVMXaeAQTwDCJNvRFit6uWyCgul4rxwNWcMLsV4mYVyIxjXjdP1pZdGjxuy14BY5iNyyg/WWi8vhuk/uFQHfKJ953PWeh3To9KBVeY5j6MpRBhLU3j8MXyf974x1m0HS0y/8oeNd7yT5+DHMm9e+1SEQzcFmtjlCsLP8d3/CiyU0jGHlEtcKLVq0BAHC7SvPg1cUiVkCY+Jmf2Jx7EUXrsEOOkbNcfnZheydo5nJ6GqQpKD1KVhiT+UZR7BwnFDeSMj2o/LvP9uLJ4e4JcA3T/v6WNNZZqTHWoasyhnxlPulUWr/GFhrumObjZCelKbDCcyiEZeyEVdpG1xO313PzsseZqPJWzI1PhyiB7HN3awT3bWX7+eI7EFfD0Xk1H7axic1sIy6BHnzIySZMoWLQVLLuMXVeIUbbZG8xM5+4NbAZkGqQFsozN4hArFkDWK4rkEFoIw/PkhjFDU8PNQ0v9E7WpnU= stephan@saturn
# koeart
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAtaXDvgxpKb7jP/Q0Xfqm+1W4irvx8vtUDxndLxNXD16b856ZbSd+v4C7KsF1LkPLptKiKh0vDgHmZ+a9B7189zCkIDQ0onM7DFQWCw1dRnER+LPeZYaCgNBcfSevoFGV9vSvWwBsFdWvzEL7HvNiU6AbL1ZGHTHa+Ip0Ay4RaAVNijOi4UphRPJWaIolZ1R+vxQtrVRRV0q9o36aSh9dm0OdOJZy3AYxHfBY6rBiLpcvviq3Vxf/xWDBIWN0AvGRavxk0nno+e9TduletUl93jJSwh4zx2DUctwf0Cxyzhaqt+naa3eSzZ/CSP4WDEw5tDwfgUQiMLEzyPOL/mBRjw== ftp <<</>>
@ -37,3 +34,6 @@ ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCyACA2KbF93CBECjKDm0mdrmw/uhqXvkbfrSacin2B
# xyrill
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC/IKuWv+i/3+rPipbncrMV590y+dUYeC+syxVimdoghS1MPLDy5mqj3rEtY1g3hhH7ZLjumbOFxboO1YYK5UNA2g5HhRwI6vJiS4NijITiKRrDTPJ4/qejQWsEBlhvhH09iO8goxjxI8moldhiSZOkDuxULztRjUQBHJzlywIH4hS1k6B7MeYW/bPVTo02AeWepkpgYzrODrTMRE4f1a/Apx9eN5bkWbqdfuXGCB92icSQvxGiw3UyUklcUDonp9SdAnxUxLHodNlFm2jWQxUjhHbNsTJ0e7Ybcs5oiWIlLfBf9kVQ9z+JBVnTQlTohXuW329wVZLpdIeYqbYgd/e/1NNgBUc+FSony0vNP9WThMB/k8QurXvi2i/xzke1VZ3wWdfNR1cu2XGHuBds4Ca+ZxcyYDYCyq91KppKmbTH/n9p5UgUKUx/DYjVnoD7HAxUqZbz+nFuEm2XaXHJdeClH3hPGsmDK9x+/SqwRLMa3fTl9X2OK03zzOute913zS/ZLyBvDudiVS2Zb3PNbtGW7cF82ywWDIGcWDCnjLDRE+89b4c78jdxKdNu08dJu+jrOWQMb60svEpbZ044nA1TN8PTuOo4ndYbOOdp1oUK1OqMQ8+PsdbblD7GV+dtLYggpIr9MgPCsbeum3+H00T2rt+pF76RsgPk6jY2wxrZdQ==
# poly
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICGEKrCGXyHqD0jdTYVHnnScL9mhDU2PR9VyH7fu528J