Burp options: Fix indentation in CA config

Burp server: Add user for SSH-tunnelling in
2023-03-23 21:18:23 +01:00 · 2023-03-23 21:18:00 +01:00
2 changed files with 19 additions and 2 deletions
--- a/hosts/burp-server.nix
+++ b/hosts/burp-server.nix
@ -1,4 +1,4 @@
-{ config, lib, ... }:
+{ config, lib, pkgs, ... }:
 {
    services.burp.server = {
        enable = true;
@ -27,4 +27,21 @@
            "Mon,Tue,Wed,Thu,Fri,Sat,Sun,00,01,02,03,04,05,06,07,08,17,18,19,20,21,22,23"
        ];
    };
+
+    # Used for other clients to open an SSH tunnel to the burp server
+    users.users.burp-remote = {
+        isNormalUser = false;
+        isSystemUser = true;
+        createHome = false;
+        group = "nogroup";
+        # A shell is necessary for the user to run `sleep`
+        shell = pkgs.bash;
+        openssh.authorizedKeys.keys = [
+            "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIItwImll4vcrfRQZjf6zkEGJswpL9EdWRiibXtjis99J root@Emitter"
+        ];
+    };
+    services.openssh.extraConfig = ''
+        Match User burp-remote
+            ForceCommand ${pkgs.coreutils}/bin/sleep 10
+    '';
 }
--- a/options/burp.nix
+++ b/options/burp.nix
@ -51,7 +51,7 @@ let
        default_days            = 7300
        default_crl_days        = 7300

-#????
+        #????
        name_opt                = ca_default
        cert_opt                = ca_default
Author	SHA1	Message	Date
fruchti	4cd0b3d1c3	Burp options: Fix indentation in CA config	2023-03-23 21:18:23 +01:00
fruchti	60150bbe98	Burp server: Add user for SSH-tunnelling in	2023-03-23 21:18:00 +01:00