nixos/prosody: add authentication option (fixes #53134)

Passwords should not be stored in plain text by default. On existing
installations the next time a users user accounts will automatically
be upgraded from plain to hashed one-by-one as they log in.
This commit is contained in:
Milan Pässler 2019-01-03 13:37:08 +01:00
parent 3556df6247
commit 387d85b271

View File

@ -422,6 +422,13 @@ in
description = "List of administrators of the current host";
};
authentication = mkOption {
type = types.enum [ "internal_plain" "internal_hashed" "cyrus" "anonymous" ];
default = "internal_hashed";
example = "internal_plain";
description = "Authentication mechanism used for logins.";
};
extraConfig = mkOption {
type = types.lines;
default = "";
@ -477,6 +484,7 @@ in
s2s_secure_domains = ${toLua cfg.s2sSecureDomains}
authentication = ${toLua cfg.authentication}
${ cfg.extraConfig }