wurzel/fruitbasket
9
1
Fork 0
Code Issues 5 Pull requests Packages Projects Releases Wiki Activity

[Draft] Basic LDAP/Portunus config #12

Merged
hxlcyxn merged 16 commits from ldap into main 2022-12-17 20:54:56 +01:00
Conversation 0 Commits 16 Files changed 5 +10 -4
3 changed files with 10 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files
Showing only changes of commit eece008de6 - Show all commits

7
config/portunus_seeds.json
View file

@ -29,6 +29,11 @@
} }
], ],
"users": [ "users": [
{} {
"login_name": "admin",
"given_name": "admin",
"family_name": "admin",
"password": { "from_command": ["/usr/bin/env", "cat", "/run/secrets/portunus_admin"] }
}
] ]
} }

2
modules/ldap.nix
View file

@ -33,7 +33,7 @@ in
tanneberger commented 2022-12-17 19:41:28 +01:00 (Migrated from github.com)
Review
Copy link

potential security risk

potential security risk
tanneberger commented 2022-12-17 19:41:48 +01:00 (Migrated from github.com)
Review
Copy link

should be nix path

should be nix path
tanneberger commented 2022-12-17 19:41:28 +01:00 (Migrated from github.com)
Review
Copy link

potential security risk

potential security risk
tanneberger commented 2022-12-17 19:41:48 +01:00 (Migrated from github.com)
Review
Copy link

should be nix path

should be nix path
}; };
# TODO: eigenes secrets.yaml für seedfile? # TODO: eigenes secrets.yaml für seedfile?
sops.secrets.portunus_seedfile = { sops.secrets."portunus_admin" = {
tanneberger commented 2022-12-17 19:41:28 +01:00 (Migrated from github.com)
Review
Copy link

potential security risk

potential security risk
tanneberger commented 2022-12-17 19:41:48 +01:00 (Migrated from github.com)
Review
Copy link

should be nix path

should be nix path
tanneberger commented 2022-12-17 19:41:28 +01:00 (Migrated from github.com)
Review
Copy link

potential security risk

potential security risk
tanneberger commented 2022-12-17 19:41:48 +01:00 (Migrated from github.com)
Review
Copy link

should be nix path

should be nix path
owner = "${portunusUser}"; owner = "${portunusUser}";
group = "${portunusGroup}"; group = "${portunusGroup}";
}; };

tanneberger commented 2022-12-17 19:41:28 +01:00 (Migrated from github.com)
Review
Copy link

potential security risk

potential security risk
tanneberger commented 2022-12-17 19:41:48 +01:00 (Migrated from github.com)
Review
Copy link

should be nix path

should be nix path
tanneberger commented 2022-12-17 19:41:28 +01:00 (Migrated from github.com)
Review
Copy link

potential security risk

potential security risk
tanneberger commented 2022-12-17 19:41:48 +01:00 (Migrated from github.com)
Review
Copy link

should be nix path

should be nix path

5
secrets/quitte.yaml
View file

@ -4,6 +4,7 @@ postgres_nextcloud: ENC[AES256_GCM,data:Lv0Ld3sf+hoUE2qrsf9qGSYf5aVLqm5GIbK2hEoR
nextcloud_adminpass: ENC[AES256_GCM,data:EMvcFOGJz45P4nvJ5Yy4SziWa2pUWBqt4ZZdde6wegk=,iv:tG9bhB7HPprZMnfV/uC/v7fqmjQd5d4Oj5avOtK2/0A=,tag:8jBDpnahwQsXsD2Ivf6jDw==,type:str] nextcloud_adminpass: ENC[AES256_GCM,data:EMvcFOGJz45P4nvJ5Yy4SziWa2pUWBqt4ZZdde6wegk=,iv:tG9bhB7HPprZMnfV/uC/v7fqmjQd5d4Oj5avOtK2/0A=,tag:8jBDpnahwQsXsD2Ivf6jDw==,type:str]
hedgedoc_session_secret: ENC[AES256_GCM,data:uz7KggZqeZ2eqiCnOcnYh2I1p5BBXTQbC8PUhB2kM2U=,iv:aJDHKCPkccCT/OF6AGZMfRESNmoV9muGHbuCUfLQhH8=,tag:uEVXylpE8MSebqRr+4mQOw==,type:str] hedgedoc_session_secret: ENC[AES256_GCM,data:uz7KggZqeZ2eqiCnOcnYh2I1p5BBXTQbC8PUhB2kM2U=,iv:aJDHKCPkccCT/OF6AGZMfRESNmoV9muGHbuCUfLQhH8=,tag:uEVXylpE8MSebqRr+4mQOw==,type:str]
wg-seckey: ENC[AES256_GCM,data:NHk6E5uu3CshC/0//LoGk6iCGKWbx49wVVkjoMqF19gc7MhdHAn9aJD+0Zc=,iv:N3PuU7+QSW9aD0ZhTI7CmMI3drLIzO7XaW3mgEDp/sk=,tag:fxH4eRIboy9O15oul7JOTw==,type:str] wg-seckey: ENC[AES256_GCM,data:NHk6E5uu3CshC/0//LoGk6iCGKWbx49wVVkjoMqF19gc7MhdHAn9aJD+0Zc=,iv:N3PuU7+QSW9aD0ZhTI7CmMI3drLIzO7XaW3mgEDp/sk=,tag:fxH4eRIboy9O15oul7JOTw==,type:str]
portunus_admin: ENC[AES256_GCM,data:bPuYdfpWJtYib9lUcXHVZeGerskd5vs5IOe+DE9Q7OOPkAwp,iv:6ZjjfQ3E1xxYjmEg7o849RZzUt8dyXjI84DSfPYGUWQ=,tag:JJpOLjPs8YdEBl3xGGAzbg==,type:str]
mediawiki: mediawiki:
postgres: ENC[AES256_GCM,data:XRfUc2PRMJcoILAnm5MWr2Cg5u4e/IhGMUnz/oIQSzY=,iv:8U+qlD1SQzxUyD/6QK4SdwRCDyMODK/lP0IDrLlcQ4U=,tag:2spNMj9dY2wWilOusq24yQ==,type:str] postgres: ENC[AES256_GCM,data:XRfUc2PRMJcoILAnm5MWr2Cg5u4e/IhGMUnz/oIQSzY=,iv:8U+qlD1SQzxUyD/6QK4SdwRCDyMODK/lP0IDrLlcQ4U=,tag:2spNMj9dY2wWilOusq24yQ==,type:str]
initial_admin: ENC[AES256_GCM,data:iET5rz9rygx49NDBjKwqAlRgpeS+jq5iM5zmjnoKcyk=,iv:11iDbCrpzjCdyAB22R8NknJ6vzcpVZXCXB3iWsGWXw0=,tag:1RCyg1ysOWaXKdqqdHqRrw==,type:str] initial_admin: ENC[AES256_GCM,data:iET5rz9rygx49NDBjKwqAlRgpeS+jq5iM5zmjnoKcyk=,iv:11iDbCrpzjCdyAB22R8NknJ6vzcpVZXCXB3iWsGWXw0=,tag:1RCyg1ysOWaXKdqqdHqRrw==,type:str]
@ -23,8 +24,8 @@ sops:
Z212K3JDWmRsZmVpdjBaUE1kL3phMm8K/x3Ssn0LEO7BfTUoOJQ6h88vlwA/AvQj Z212K3JDWmRsZmVpdjBaUE1kL3phMm8K/x3Ssn0LEO7BfTUoOJQ6h88vlwA/AvQj
KsosHSWO7vsgqKPPO+OPbHV1y8OTAKubcrk5szTUWBNOvggIw3nWDA== KsosHSWO7vsgqKPPO+OPbHV1y8OTAKubcrk5szTUWBNOvggIw3nWDA==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2022-11-18T15:28:28Z" lastmodified: "2022-12-17T17:42:18Z"
mac: ENC[AES256_GCM,data:+o08gLLG3tz9uheJOMeKWtdvcRjgdcpOFUjSW3sHdFWC/FM5dcwDgBAtTO3/pPB6+e//SfpZgIWq1EASpgChPmE61K0U1lnYK/5gBY1QMDZ9tLgl8VjQ1ShVSeTL/dLWopBEVeDT0cR8jhJ+MIaVTEzMLK8I2qn/LaZqEktMPSg=,iv:N5TPSuijpULToU4EoZ7P6bL0sMZ1Jfu10Jxmnpzh4Ec=,tag:UIHIM+CMNS70ivKtEzbR3w==,type:str] mac: ENC[AES256_GCM,data:qLBASH8XmcHjTFrxdEqyk7KwXHEGx9hT6Jvqw1JMtZDhP95OjKNRySh5fptG1+Jz1ZIaG5zwDWdzV2/GXGru06dDR8bZYoXCboa0YR1NSESZ9f95n9v1HYQf/oSww8KHTP3METZ/1oS7i1nQdL5FxLFTK+nx77uQ1VxX7Ztl85Y=,iv:jEWOsxeTamGGNVw8OXFQT9o5MIyE7EMPAYEdfQesLZw=,tag:vUZK+H93qUursPwfoTpEJg==,type:str]
pgp: pgp:
- created_at: "2022-11-18T16:37:48Z" - created_at: "2022-11-18T16:37:48Z"
enc: | enc: |