mirror of
https://git.sr.ht/~rouven/nixos-config
synced 2025-05-12 23:31:08 +02:00
ran deadnix
parent
cf5fdaed5d
commit
2281866548
7 changed files with 105 additions and 109 deletions
hosts
falkenstein/modules
thinkpad
|
@ -36,7 +36,7 @@ let
|
|||
subdomains =
|
||||
let
|
||||
getVirtualHosts = hostname: map (name: builtins.substring 0 (builtins.stringLength name - (builtins.stringLength domain + 1)) name) (builtins.attrNames self.nixosConfigurations."${hostname}".config.services.caddy.virtualHosts);
|
||||
genCNAMEs = hostname: lib.attrsets.genAttrs (getVirtualHosts hostname) (label: { CNAME = [ "${hostname}.${domain}." ]; });
|
||||
genCNAMEs = hostname: lib.attrsets.genAttrs (getVirtualHosts hostname) (_label: { CNAME = [ "${hostname}.${domain}." ]; });
|
||||
in
|
||||
lib.attrsets.mergeAttrsList [
|
||||
rec {
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ config, lib, ... }:
|
||||
{ config, ... }:
|
||||
{
|
||||
# required for elasticsearch
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
|
|
|
@ -53,56 +53,56 @@
|
|||
console.keyMap = "dvorak";
|
||||
|
||||
|
||||
# services.openldap = {
|
||||
# enable = true;
|
||||
# urlList = [ "ldap:///" ];
|
||||
# settings = {
|
||||
# attrs = {
|
||||
# olcLogLevel = "conns config";
|
||||
# };
|
||||
# children = {
|
||||
# "cn=schema".includes = [
|
||||
# "${pkgs.openldap}/etc/schema/core.ldif"
|
||||
# # attributetype ( 9999.1.1 NAME 'isMemberOf'
|
||||
# # DESC 'back-reference to groups this user is a member of'
|
||||
# # SUP distinguishedName )
|
||||
# "${pkgs.openldap}/etc/schema/cosine.ldif"
|
||||
# "${pkgs.openldap}/etc/schema/inetorgperson.ldif"
|
||||
# "${pkgs.openldap}/etc/schema/nis.ldif"
|
||||
# # "${pkgs.writeText "openssh.schema" ''
|
||||
# # attributetype ( 9999.1.2 NAME 'sshPublicKey'
|
||||
# # DESC 'SSH public key used by this user'
|
||||
# # SUP name )
|
||||
# # ''}"
|
||||
# ];
|
||||
services.openldap = {
|
||||
enable = true;
|
||||
urlList = [ "ldap:///" ];
|
||||
settings = {
|
||||
attrs = {
|
||||
olcLogLevel = "conns config";
|
||||
};
|
||||
children = {
|
||||
"cn=schema".includes = [
|
||||
"${pkgs.openldap}/etc/schema/core.ldif"
|
||||
# attributetype ( 9999.1.1 NAME 'isMemberOf'
|
||||
# DESC 'back-reference to groups this user is a member of'
|
||||
# SUP distinguishedName )
|
||||
"${pkgs.openldap}/etc/schema/cosine.ldif"
|
||||
"${pkgs.openldap}/etc/schema/inetorgperson.ldif"
|
||||
"${pkgs.openldap}/etc/schema/nis.ldif"
|
||||
# "${pkgs.writeText "openssh.schema" ''
|
||||
# attributetype ( 9999.1.2 NAME 'sshPublicKey'
|
||||
# DESC 'SSH public key used by this user'
|
||||
# SUP name )
|
||||
# ''}"
|
||||
];
|
||||
|
||||
# "olcDatabase={1}mdb".attrs = {
|
||||
# objectClass = [ "olcDatabaseConfig" "olcMdbConfig" ];
|
||||
"olcDatabase={1}mdb".attrs = {
|
||||
objectClass = [ "olcDatabaseConfig" "olcMdbConfig" ];
|
||||
|
||||
# olcDatabase = "{1}mdb";
|
||||
# olcDbDirectory = "/var/lib/openldap/data";
|
||||
olcDatabase = "{1}mdb";
|
||||
olcDbDirectory = "/var/lib/openldap/data";
|
||||
|
||||
# olcSuffix = "dc=ifsr,dc=de";
|
||||
olcSuffix = "dc=ifsr,dc=de";
|
||||
|
||||
# /* your admin account, do not use writeText on a production system */
|
||||
# olcRootDN = "cn=portunus,dc=ifsr,dc=de";
|
||||
# olcRootPW = "{CRYPT}$y$j9T$xdf4HigfhmQWXn.bw9MgH/$91evhYAV1GP7olNCkQoCpUZrghh5P8dDXcZdAtpiD32";
|
||||
/* your admin account, do not use writeText on a production system */
|
||||
olcRootDN = "cn=portunus,dc=ifsr,dc=de";
|
||||
olcRootPW = "{CRYPT}$y$j9T$xdf4HigfhmQWXn.bw9MgH/$91evhYAV1GP7olNCkQoCpUZrghh5P8dDXcZdAtpiD32";
|
||||
|
||||
# olcAccess = [
|
||||
# /* custom access rules for userPassword attributes */
|
||||
# ''{0}to attrs=userPassword
|
||||
# by self write
|
||||
# by anonymous auth
|
||||
# by * none''
|
||||
olcAccess = [
|
||||
/* custom access rules for userPassword attributes */
|
||||
''{0}to attrs=userPassword
|
||||
by self write
|
||||
by anonymous auth
|
||||
by * none''
|
||||
|
||||
# /* allow read on anything else */
|
||||
# ''{1}to *
|
||||
# by * read''
|
||||
# ];
|
||||
# };
|
||||
# };
|
||||
# };
|
||||
# };
|
||||
/* allow read on anything else */
|
||||
''{1}to *
|
||||
by * read''
|
||||
];
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
services = {
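Review bot: `olcRootPW` carries the rootDN's `{CRYPT}` hash as an inline literal, so once this block is live (the listing prints the commented copy first and the uncommented copy second, which suggests the commit enables it) the hash sits in the repository and in the world-readable Nix store, where it can be attacked offline. The NixOS module accepts a file reference here, e.g. `olcRootPW.path = "<path-to-secret-outside-the-store>";`. `urlList = [ "ldap:///" ]` listens without TLS on every interface while `by anonymous auth` accepts simple binds, so if only local services use the directory, prefer `urlList = [ "ldapi:///" ];` or a loopback URL. `{1}to * by * read` also lets unauthenticated clients read every other attribute; `by users read` would require a bind first. The module's argument list lies outside the hunk, so whether `pkgs` is in scope for the schema paths cannot be checked here.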
|
||||
|
|
|
@ -5,6 +5,9 @@
|
|||
# enable = true;
|
||||
# defaultNetwork.settings.dns_enabled = true;
|
||||
# };
|
||||
docker = {
|
||||
enable = true;
|
||||
};
|
||||
libvirtd = {
|
||||
enable = true;
|
||||
qemu = {
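Review bot: The `docker = { enable = true; };` block starts a root-owned daemon whose socket gives root-equivalent access to every member of the `docker` group, and neither the hunk nor the commit title ("ran deadnix") records why it is switched on. A one-line comment above it, such as `# root daemon: docker group membership is root-equivalent on this host`, would make that explicit. If per-user containers are enough, `rootless.enable = true;` in place of the system-wide `enable = true;` is the narrower setting. The enclosing attribute set (presumably `virtualisation`) opens above the hunk and the `libvirtd` body continues below it.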
|
||||
|
|