[Draft] Basic LDAP/Portunus config #12

Merged
hxlcyxn merged 16 commits from ldap into main 2022-12-17 20:54:56 +01:00
2 changed files with 35 additions and 10 deletions
Showing only changes of commit f3ac390cf9 - Show all commits

View file

@ -0,0 +1,34 @@
{
"groups": [
{
"name": "admins",
"long-name": "Portunus Admins",
"members": [],
"permissions": {
"portunus": { "is-admin": true },
"ldap": { "can-read": true }
}
},
{
"name": "ifsr",
"long-name": "Mitglieder des ifsr",
"members": [],
"permissions": {
"portunus": { "is-admin": false },
"ldap": { "can-read": false }
}
},
{
"name": "strukturer",
"long-name": "Strukturer des ifsr",
"members": [],
"permissions": {
"portunus": { "is-admin": false },
"ldap": { "can-read": false }
}
}
],
"users": [
{}
]
}

View file

@ -50,15 +50,7 @@ in
tanneberger commented 2022-12-17 19:41:28 +01:00 (Migrated from github.com)
Review

potential security risk

potential security risk
tanneberger commented 2022-12-17 19:41:48 +01:00 (Migrated from github.com)
Review

should be nix path

should be nix path
tanneberger commented 2022-12-17 19:41:28 +01:00 (Migrated from github.com)
Review

potential security risk

potential security risk
tanneberger commented 2022-12-17 19:41:48 +01:00 (Migrated from github.com)
Review

should be nix path

should be nix path
tls = true; tls = true;
}; };
# TODO: wohin seed file? seedPath = "../config/portunus_seeds.json";
tanneberger commented 2022-12-17 19:41:28 +01:00 (Migrated from github.com)
Review

potential security risk

potential security risk
tanneberger commented 2022-12-17 19:41:48 +01:00 (Migrated from github.com)
Review

should be nix path

should be nix path
tanneberger commented 2022-12-17 19:41:28 +01:00 (Migrated from github.com)
Review

potential security risk

potential security risk
tanneberger commented 2022-12-17 19:41:48 +01:00 (Migrated from github.com)
Review

should be nix path

should be nix path
seedPath = "";
tanneberger commented 2022-12-17 19:41:28 +01:00 (Migrated from github.com)
Review

potential security risk

potential security risk
tanneberger commented 2022-12-17 19:41:48 +01:00 (Migrated from github.com)
Review

should be nix path

should be nix path
tanneberger commented 2022-12-17 19:41:28 +01:00 (Migrated from github.com)
Review

potential security risk

potential security risk
tanneberger commented 2022-12-17 19:41:48 +01:00 (Migrated from github.com)
Review

should be nix path

should be nix path
# falls wir das brauchen
tanneberger commented 2022-12-17 19:41:28 +01:00 (Migrated from github.com)
Review

potential security risk

potential security risk
tanneberger commented 2022-12-17 19:41:48 +01:00 (Migrated from github.com)
Review

should be nix path

should be nix path
# dex = {
tanneberger commented 2022-12-17 19:41:28 +01:00 (Migrated from github.com)
Review

potential security risk

potential security risk
tanneberger commented 2022-12-17 19:41:48 +01:00 (Migrated from github.com)
Review

should be nix path

should be nix path
# enable = true;
tanneberger commented 2022-12-17 19:41:28 +01:00 (Migrated from github.com)
Review

potential security risk

potential security risk
tanneberger commented 2022-12-17 19:41:48 +01:00 (Migrated from github.com)
Review

should be nix path

should be nix path
# ...
tanneberger commented 2022-12-17 19:41:28 +01:00 (Migrated from github.com)
Review

potential security risk

potential security risk
tanneberger commented 2022-12-17 19:41:48 +01:00 (Migrated from github.com)
Review

should be nix path

should be nix path
# };
tanneberger commented 2022-12-17 19:41:28 +01:00 (Migrated from github.com)
Review

potential security risk

potential security risk
tanneberger commented 2022-12-17 19:41:48 +01:00 (Migrated from github.com)
Review

should be nix path

should be nix path
# searchUserName = "xxx";
tanneberger commented 2022-12-17 19:41:28 +01:00 (Migrated from github.com)
Review

potential security risk

potential security risk
tanneberger commented 2022-12-17 19:41:48 +01:00 (Migrated from github.com)
Review

should be nix path

should be nix path
}; };
users.ldap = { users.ldap = {
@ -68,7 +60,6 @@ in
tanneberger commented 2022-12-17 19:41:28 +01:00 (Migrated from github.com)
Review

potential security risk

potential security risk
tanneberger commented 2022-12-17 19:41:48 +01:00 (Migrated from github.com)
Review

should be nix path

should be nix path
tanneberger commented 2022-12-17 19:41:28 +01:00 (Migrated from github.com)
Review

potential security risk

potential security risk
tanneberger commented 2022-12-17 19:41:48 +01:00 (Migrated from github.com)
Review

should be nix path

should be nix path
# useTLS = true; # nicht nötig weil ldaps domain festgelegt. würde sonst starttls auf port 389 versuchen # useTLS = true; # nicht nötig weil ldaps domain festgelegt. würde sonst starttls auf port 389 versuchen
}; };
# TODO: acme/letsencrypt oder andere lösung?
tanneberger commented 2022-12-17 19:41:28 +01:00 (Migrated from github.com)
Review

potential security risk

potential security risk
tanneberger commented 2022-12-17 19:41:48 +01:00 (Migrated from github.com)
Review

should be nix path

should be nix path
services.nginx = { services.nginx = {
enable = true; enable = true;
virtualHosts."${config.services.portunus.domain}" = { virtualHosts."${config.services.portunus.domain}" = {

tanneberger commented 2022-12-17 19:41:28 +01:00 (Migrated from github.com)
Review

potential security risk

potential security risk
tanneberger commented 2022-12-17 19:41:48 +01:00 (Migrated from github.com)
Review

should be nix path

should be nix path
tanneberger commented 2022-12-17 19:41:28 +01:00 (Migrated from github.com)
Review

potential security risk

potential security risk
tanneberger commented 2022-12-17 19:41:48 +01:00 (Migrated from github.com)
Review

should be nix path

should be nix path