reformatting ldap.nix

revol-xut 2023-05-18 19:55:00 +02:00
parent a15b04b42d
commit dc6197d138
No known key found for this signature in database
GPG key ID: 4F56FF7759627D07


@ -31,7 +31,7 @@ in
user = "${portunusUser}";
group = "${portunusGroup}";
domain = "${domain}";
port = 8081;
port = 8681;
userRegex = "[a-z_][a-z0-9_.-]*\$?";
dex = {
enable = true;
@ -45,11 +45,29 @@ in
# disables port 389, use 636 with tls
# `portunus.domain` resolves to localhost
tls = true;
# tls = true;
};
seedPath = ../config/portunus_seeds.json;
};
services = {
dex.settings.oauth2.skipApprovalScreen = true;
nginx = {
enable = true;
virtualHosts."${config.services.portunus.domain}" = {
forceSSL = true;
enableACME = true;
locations = {
"/".proxyPass = "http://localhost:${toString config.services.portunus.port}";
"/dex".proxyPass = "http://localhost:${toString config.services.portunus.dex.port}";
};
};
};
};
systemd.services.dex.serviceConfig = {
DynamicUser = lib.mkForce false;
EnvironmentFile = config.sops.secrets."dex/environment".path;
@ -59,7 +77,7 @@ in
users = {
groups = {
dex = {};
dex = { };
"${portunusGroup}" = {
name = "${portunusGroup}";
@ -135,28 +153,18 @@ in
'';
services.nginx = {
enable = true;
virtualHosts."${config.services.portunus.domain}" = {
forceSSL = true;
enableACME = true;
locations = {
"/".proxyPass = "http://localhost:${toString config.services.portunus.port}";
};
};
};
nixpkgs.overlays = [
(self: super:
{
{
portunus = super.portunus.overrideAttrs (old: {
src = super.fetchFromGitHub {
owner = "revol-xut";
repo = "portunus";
rev = "c95528e21782b3477203bc29fc85515f2cb8c8cb";
sha256 = "";
sha256 = "sha256-CmH0HKr+pNDnw0qfDucQrCixFg7Yh8r7Rt7v9+6pNXc=";
};
});
})
];
})
];
}
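Review bot: In the second hunk the `ldap` block shows `tls = true;` followed by `# tls = true;`, which I read as the option being commented out on the new side (the page has lost its `+`/`-` markers, so this is inferred). The comment directly above still says port 389 is disabled in favour of 636 with TLS. If that reading is right, LDAP binds would travel unencrypted wherever the listener is reachable, and the comment is now stale. Either restore `tls = true;` or replace the comment with the reason plaintext is acceptable, for example `# TLS disabled: LDAP listener is only reachable on loopback (confirm)`. This change, the port change between 8081 and 8681, and the added `"/dex".proxyPass` location all change behaviour, so they should be named in the commit message rather than filed under "reformatting".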