ldap: switch to sssd on quitte

2024-03-04 22:14:24 +01:00 · 2024-03-04 22:14:24 +01:00 · a1bfa3f7e1
parent b454ad2437
commit a1bfa3f7e1
2 changed files with 1 additions and 17 deletions
--- a/flake.nix
+++ b/flake.nix
@ -78,6 +78,7 @@
            ./modules/ese-website.nix

            ./modules/ldap
+            ./modules/sssd.nix
            ./modules/mail
            ./modules/mailman.nix
            ./modules/mysql.nix
--- a/modules/ldap/default.nix
+++ b/modules/ldap/default.nix
@ -47,10 +47,6 @@ in
    "portunus/admin-password".owner = config.services.portunus.user;
    "portunus/search-password".owner = config.services.portunus.user;
    "dex/environment".owner = config.systemd.services.dex.serviceConfig.User;
-    nslcd_ldap_search = {
-      key = "portunus/search-password";
-      owner = config.systemd.services.nslcd.serviceConfig.User;
-    };
  };

  services.portunus = {
@ -97,19 +93,6 @@ in
      isSystemUser = true;
    };
    groups.dex = { };
-
-    ldap =
-      let portunus = config.services.portunus; in
-      rec {
-        enable = true;
-        server = "ldap://localhost";
-        base = "${portunus.ldap.suffix}";
-        bind = {
-          distinguishedName = "uid=${portunus.ldap.searchUserName},ou=users,${base}";
-          passwordFile = config.sops.secrets.nslcd_ldap_search.path;
-        };
-        daemon.enable = true;
-      };
  };

  security.pam.services.sshd.makeHomeDir = true;