CLEAN: nix develop

2025-10-05 08:20:57 +02:00 · 2025-10-05 08:20:57 +02:00 · c495445e91
commit c495445e91
parent daeb15f821
22 changed files with 439 additions and 423 deletions
--- a/modules/services/ftp.nix
+++ b/modules/services/ftp.nix
@ -1,14 +1,14 @@
-{ config, pkgs, lib, ... }: {
+_: {
  # -------------------------------------------------
  # 1️⃣ Création de l’utilisateur système dédié FTP
  # -------------------------------------------------
  users.users.ftpuser = {
-    isSystemUser = true;               # pas de login shell
-    description   = "Compte FTP dédié";
-    home          = "/srv/ftp/ftpuser";
-    createHome    = true;
-    group         = "ftpuser";
-    shell         = "/usr/bin/nologin";
+    isSystemUser = true; # pas de login shell
+    description = "Compte FTP dédié";
+    home = "/srv/ftp/ftpuser";
+    createHome = true;
+    group = "ftpuser";
+    shell = "/usr/bin/nologin";
  };
  users.groups.ftpuser = {};

@ -16,11 +16,11 @@
    extraConfig = ''
      Match User ftpuser
        ChrootDirectory /srv/ftp/ftpuser
-        ForceCommand internal-sftp 
-        AllowTcpForwarding no 
+        ForceCommand internal-sftp
+        AllowTcpForwarding no
        X11Forwarding no
    '';
-    };
+  };

  # -------------------------------------------------
  # 2️⃣ Permissions du répertoire home (méthode A)
@ -48,22 +48,20 @@

    # Chroot chaque utilisateur local dans son $HOME
    chrootlocalUser = true;
-    allowWriteableChroot = true ;
-
-extraConfig = ''
-    pasv_min_port=40000
-    pasv_max_port=40004
-  '';
+    allowWriteableChroot = true;

+    extraConfig = ''
+      pasv_min_port=40000
+      pasv_max_port=40004
+    '';
  };

  # -------------------------------------------------
  # 4️⃣ Ouverture des ports dans le firewall NixOS
  # -------------------------------------------------
  networking.firewall = {
-    allowedTCPPorts = [ 21 40000 40001 40002 40003 40004 ];
+    allowedTCPPorts = [21 40000 40001 40002 40003 40004];
    # Si vous utilisez FTPS implicite (port 990) :
    # allowedTCPPorts = [ 21 990 40000 40001 40002 40003 40004 ];
  };
 }
-