Support bitlbee + stunnel

TLS support for bitlbee...
This commit is contained in:
William Carroll 2020-06-30 19:51:44 +01:00
parent 58dc543a7b
commit 6cb921739d

View file

@ -27,7 +27,7 @@ in {
networkmanager.enable = true;
interfaces.enp2s0f1.useDHCP = true;
interfaces.wlp3s0.useDHCP = true;
firewall.allowedTCPPorts = [ 9418 80 443 6667 ];
firewall.allowedTCPPorts = [ 9418 80 443 6697 ];
};
time.timeZone = "UTC";
@ -79,6 +79,24 @@ in {
# Services
##############################################################################
systemd.services.bitlbee-stunnel = {
description = "Provides TLS termination for Bitlbee.";
wantedBy = [ "multi-user.target" ];
unitConfig = {
Restart = "always";
User = "nginx"; # This is a hack to easily get certificate access.
};
script = let configFile = builtins.toFile "stunnel.conf" ''
foreground = yes
debug = 7
[ircs]
accept = 0.0.0.0:6697
connect = 6667
cert = /var/lib/acme/wpcarro.dev/full.pem
''; in "${pkgs.stunnel}/bin/stunnel ${configFile}";
};
nixpkgs.config.bitlbee.enableLibPurple = true;
services.bitlbee = {
interface = "0.0.0.0";