nixos/openldap: migrate sssd-ldap to new settings
This commit is contained in:
parent
db5bb4e26b
commit
c96f18feee
@ -26,14 +26,12 @@ in {
|
||||
enable = true;
|
||||
settings = {
|
||||
children = {
|
||||
"cn=schema" = {
|
||||
includes = [
|
||||
"${pkgs.openldap}/etc/schema/core.ldif"
|
||||
"${pkgs.openldap}/etc/schema/cosine.ldif"
|
||||
"${pkgs.openldap}/etc/schema/inetorgperson.ldif"
|
||||
"${pkgs.openldap}/etc/schema/nis.ldif"
|
||||
];
|
||||
};
|
||||
"cn=schema".includes = [
|
||||
"${pkgs.openldap}/etc/schema/core.ldif"
|
||||
"${pkgs.openldap}/etc/schema/cosine.ldif"
|
||||
"${pkgs.openldap}/etc/schema/inetorgperson.ldif"
|
||||
"${pkgs.openldap}/etc/schema/nis.ldif"
|
||||
];
|
||||
"olcDatabase={1}mdb" = {
|
||||
# This tests string, base64 and path values, as well as lists of string values
|
||||
attrs = {
|
||||
|
@ -17,10 +17,26 @@
|
||||
machine = { pkgs, ... }: {
|
||||
services.openldap = {
|
||||
enable = true;
|
||||
database = "mdb";
|
||||
rootdn = "cn=${ldapRootUser},${dbSuffix}";
|
||||
rootpw = ldapRootPassword;
|
||||
suffix = dbSuffix;
|
||||
settings = {
|
||||
children = {
|
||||
"cn=schema".includes = [
|
||||
"${pkgs.openldap}/etc/schema/core.ldif"
|
||||
"${pkgs.openldap}/etc/schema/cosine.ldif"
|
||||
"${pkgs.openldap}/etc/schema/inetorgperson.ldif"
|
||||
"${pkgs.openldap}/etc/schema/nis.ldif"
|
||||
];
|
||||
"olcDatabase={1}mdb" = {
|
||||
attrs = {
|
||||
objectClass = [ "olcDatabaseConfig" "olcMdbConfig" ];
|
||||
olcDatabase = "{1}mdb";
|
||||
olcDbDirectory = "/var/db/openldap";
|
||||
olcSuffix = dbSuffix;
|
||||
olcRootDN = "cn=${ldapRootUser},${dbSuffix}";
|
||||
olcRootPW = ldapRootPassword;
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
declarativeContents = {
|
||||
${dbSuffix} = ''
|
||||
dn: ${dbSuffix}
|
||||
|
Loading…
Reference in New Issue
Block a user