y

2025-04-25 16:08:30 +02:00 · 2025-01-28 21:12:11 +01:00 · 2025-01-28 21:12:11 +01:00 · 5d94104678
commit 5d94104678
parent a65b9c85e0
6 changed files with 47 additions and 9 deletions
--- a/hosts/thinkpad/default.nix
+++ b/hosts/thinkpad/default.nix
@ -43,6 +43,8 @@
    ];
    files = [
      "/etc/machine-id"
+      # fix for systemd v257 panicking when /usr is empty
+      "/usr/dummy"
    ];
  };

@ -71,11 +73,23 @@
  #         "${pkgs.openldap}/etc/schema/cosine.ldif"
  #         "${pkgs.openldap}/etc/schema/inetorgperson.ldif"
  #         "${pkgs.openldap}/etc/schema/nis.ldif"
-  #         # "${pkgs.writeText "openssh.schema" ''
+  #         # "${pkgs.writeText "openssh.ldif" ''
+  #         #   dn: cn={4}openssh
+  #         #   objectClass: olcSchemaConfig
+  #         #   cn: {4}openssh
  #         # 	attributetype ( 9999.1.2 NAME 'sshPublicKey'
  #         # 		DESC 'SSH public key used by this user'
  #         # 		SUP name )
  #         # ''}"
+  #         "${pkgs.writeText "openssh.ldif" ''
+  #           dn: cn=openssh,cn=schema,cn=config
+  #           objectClass: olcSchemaConfig
+  #           cn: openssh
+  #           olcAttributeTypes: ( 1.3.6.1.4.1.24552.500.1.1.1.13 NAME 'sshPublicKey'
+  #               DESC 'MANDATORY: OpenSSH Public key'
+  #               EQUALITY octetStringMatch
+  #               SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
+  #         ''}"
  #       ];

  #       "olcDatabase={1}mdb".attrs = {
@ -88,7 +102,7 @@

  #         /* your admin account, do not use writeText on a production system */
  #         olcRootDN = "cn=portunus,dc=ifsr,dc=de";
-  #         olcRootPW = "{CRYPT}$y$j9T$xdf4HigfhmQWXn.bw9MgH/$91evhYAV1GP7olNCkQoCpUZrghh5P8dDXcZdAtpiD32";
+  #         olcRootPW = "test";

  #         olcAccess = [
  #           /* custom access rules for userPassword attributes */
@ -102,6 +116,24 @@
  #               by * read''
  #         ];
  #       };
+
+  #       "olcOverlay={3}memberof,olcDatabase={1}mdb".attrs = {
+  #         objectClass = [ "olcConfig" "olcOverlayConfig" "olcMemberOf" "top" ];
+  #         olcOverlay = "{3}memberof";
+  #         olcMemberOfRefInt = "TRUE";
+  #         olcMemberOfDangling = "ignore";
+  #         olcMemberOfGroupOC = "groupOfNames";
+  #         olcMemberOfMemberAD = "member";
+  #         olcMemberOfMemberOfAD = "memberOf";
+  #       };
+
+  #       "olcOverlay={4}refint,olcDatabase={1}mdb".attrs = {
+  #         objectClass = [ "olcOverlayConfig" "olcRefintConfig" "top" ];
+  #         olcOverlay = "{4}refint";
+  #         olcRefintAttribute = "memberof member manager owner";
+  #       };
+
+
  #     };
  #   };
  # };