From 9a66a3ad34895900b0e3a40b7e5e6f3d8f81cbc3 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Wed, 16 Dec 2020 16:10:08 +0100
Subject: [PATCH] ma anon-sftp: init

---
 .../light/{groups.nix => schlafzimmer.nix}    |  0
 2configs/share/anon-sftp.nix                  | 25 +++++++++++++++++++
 2 files changed, 25 insertions(+)
 rename 2configs/ham/light/{groups.nix => schlafzimmer.nix} (100%)
 create mode 100644 2configs/share/anon-sftp.nix

diff --git a/2configs/ham/light/groups.nix b/2configs/ham/light/schlafzimmer.nix
similarity index 100%
rename from 2configs/ham/light/groups.nix
rename to 2configs/ham/light/schlafzimmer.nix
diff --git a/2configs/share/anon-sftp.nix b/2configs/share/anon-sftp.nix
new file mode 100644
index 0000000..7cde931
--- /dev/null
+++ b/2configs/share/anon-sftp.nix
@@ -0,0 +1,25 @@
+{ config, lib, pkgs, ... }:
+
+with import <stockholm/lib>;
+{
+  services.openssh = {
+    allowSFTP = true;
+    sftpFlags = [ "-l VERBOSE" ];
+    extraConfig = ''
+      Match User anonymous
+        ForceCommand internal-sftp
+        AllowTcpForwarding no
+        X11Forwarding no
+        PasswordAuthentication no
+    '';
+  };
+
+  users.users.anonymous = {
+    uid = genid "anonymous";
+    useDefaultShell = false;
+    password = "anonymous";
+    home = "/media/anon";
+    createHome = true;
+  };
+
+}