Synapse LDAP config, add Portunus search user, update flake

Lyn Fugmann 2023-01-18 14:12:03 +01:00
parent 4813ec4811
commit c3134e1e58
Signed by: fugi
GPG key ID: 4472A20091BFA792
6 changed files with 83 additions and 44 deletions


@ -29,9 +29,15 @@ in
members = [ "${ldapUser}" ];
};
sops.secrets."portunus_admin" = {
owner = "${portunusUser}";
group = "${portunusGroup}";
sops.secrets = {
"portunus_admin" = {
owner = "${portunusUser}";
group = "${portunusGroup}";
};
"portunus_search" = {
owner = "${portunusUser}";
group = "${portunusGroup}";
};
};
services.portunus = {
@ -40,10 +46,16 @@ in
group = "${portunusGroup}";
domain = "${domain}";
port = 8081;
ldap = {
user = "${ldapUser}";
group = "${ldapGroup}";
suffix = "dc=ifsr,dc=de";
searchUserName = "search";
# disables port 389, use 636 with tls
# `portunus.domain` resolves to localhost
tls = true;
};
@ -60,9 +72,4 @@ in
};
};
};
networking.firewall.allowedTCPPorts = [
80 # http
443 # https
];
}
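Review bot: The `"portunus_search"` secret added in the first hunk is given the same owner and group as `"portunus_admin"`, and nothing in the visible hunks says which service is meant to read it. If the Synapse LDAP configuration elsewhere in this commit binds with this password, its service user presumably cannot read a file owned by `${portunusUser}`, since sops-nix defaults to mode 0400. Loosening the mode or sharing the Portunus group to work around that would also widen access around the admin secret. I would document the intent next to the entry, for example `# bind password for the read-only "search" LDAP user; each consumer declares its own sops.secrets entry with key = "portunus_search"`, and keep `portunus_admin` readable by Portunus only. The Synapse side is not visible here, so this should be checked against that file.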