diff options
author | William Carroll <wpcarro@gmail.com> | 2020-06-30T18·51+0100 |
---|---|---|
committer | William Carroll <wpcarro@gmail.com> | 2020-06-30T18·53+0100 |
commit | 6cb921739da6fe3b34000d8aa4080bf61b4797cd (patch) | |
tree | 7621f781a1da1954aed9e7d949d068be2690bc48 /nixos/socrates/configuration.nix | |
parent | 58dc543a7b37e97416800e3b1d5f783c0e38060f (diff) |
Support bitlbee + stunnel
TLS support for bitlbee...
Diffstat (limited to 'nixos/socrates/configuration.nix')
-rw-r--r-- | nixos/socrates/configuration.nix | 20 |
1 files changed, 19 insertions, 1 deletions
diff --git a/nixos/socrates/configuration.nix b/nixos/socrates/configuration.nix index 81dc9f1a76e6..0af4a314191d 100644 --- a/nixos/socrates/configuration.nix +++ b/nixos/socrates/configuration.nix @@ -27,7 +27,7 @@ in { networkmanager.enable = true; interfaces.enp2s0f1.useDHCP = true; interfaces.wlp3s0.useDHCP = true; - firewall.allowedTCPPorts = [ 9418 80 443 6667 ]; + firewall.allowedTCPPorts = [ 9418 80 443 6697 ]; }; time.timeZone = "UTC"; @@ -79,6 +79,24 @@ in { # Services ############################################################################## + systemd.services.bitlbee-stunnel = { + description = "Provides TLS termination for Bitlbee."; + wantedBy = [ "multi-user.target" ]; + unitConfig = { + Restart = "always"; + User = "nginx"; # This is a hack to easily get certificate access. + }; + script = let configFile = builtins.toFile "stunnel.conf" '' + foreground = yes + debug = 7 + + [ircs] + accept = 0.0.0.0:6697 + connect = 6667 + cert = /var/lib/acme/wpcarro.dev/full.pem + ''; in "${pkgs.stunnel}/bin/stunnel ${configFile}"; + }; + nixpkgs.config.bitlbee.enableLibPurple = true; services.bitlbee = { interface = "0.0.0.0"; |