wurzel/fruitbasket
9
1
Fork 0
Code Issues 5 Pull requests Packages Projects Releases Wiki Activity

[Draft] Basic LDAP/Portunus config #12

Merged
hxlcyxn merged 16 commits from ldap into main 2022-12-17 20:54:56 +01:00
Conversation 0 Commits 16 Files changed 5 +35 -10
2 changed files with 35 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files
Showing only changes of commit f3ac390cf9 - Show all commits

34
config/portunus_seeds.json Normal file
View file

@ -0,0 +1,34 @@
{
"groups": [
{
"name": "admins",
"long-name": "Portunus Admins",
"members": [],
"permissions": {
"portunus": { "is-admin": true },
"ldap": { "can-read": true }
}
},
{
"name": "ifsr",
"long-name": "Mitglieder des ifsr",
"members": [],
"permissions": {
"portunus": { "is-admin": false },
"ldap": { "can-read": false }
}
},
{
"name": "strukturer",
"long-name": "Strukturer des ifsr",
"members": [],
"permissions": {
"portunus": { "is-admin": false },
"ldap": { "can-read": false }
}
}
],
"users": [
{}
]
}

11
modules/ldap.nix
View file

@ -50,15 +50,7 @@ in
tanneberger commented 2022-12-17 19:41:28 +01:00 (Migrated from github.com)
Review
Copy link

potential security risk

potential security risk
tanneberger commented 2022-12-17 19:41:48 +01:00 (Migrated from github.com)
Review
Copy link

should be nix path

should be nix path
tanneberger commented 2022-12-17 19:41:28 +01:00 (Migrated from github.com)
Review
Copy link

potential security risk

potential security risk
tanneberger commented 2022-12-17 19:41:48 +01:00 (Migrated from github.com)
Review
Copy link

should be nix path

should be nix path
tls = true;
};
# TODO: wohin seed file?
tanneberger commented 2022-12-17 19:41:28 +01:00 (Migrated from github.com)
Review
Copy link

potential security risk

potential security risk
tanneberger commented 2022-12-17 19:41:48 +01:00 (Migrated from github.com)
Review
Copy link

should be nix path

should be nix path
seedPath = "";
tanneberger commented 2022-12-17 19:41:28 +01:00 (Migrated from github.com)
Review
Copy link

potential security risk

potential security risk
tanneberger commented 2022-12-17 19:41:48 +01:00 (Migrated from github.com)
Review
Copy link

should be nix path

should be nix path
tanneberger commented 2022-12-17 19:41:28 +01:00 (Migrated from github.com)
Review
Copy link

potential security risk

potential security risk
tanneberger commented 2022-12-17 19:41:48 +01:00 (Migrated from github.com)
Review
Copy link

should be nix path

should be nix path
# falls wir das brauchen
tanneberger commented 2022-12-17 19:41:28 +01:00 (Migrated from github.com)
Review
Copy link

potential security risk

potential security risk
tanneberger commented 2022-12-17 19:41:48 +01:00 (Migrated from github.com)
Review
Copy link

should be nix path

should be nix path
# dex = {
tanneberger commented 2022-12-17 19:41:28 +01:00 (Migrated from github.com)
Review
Copy link

potential security risk

potential security risk
tanneberger commented 2022-12-17 19:41:48 +01:00 (Migrated from github.com)
Review
Copy link

should be nix path

should be nix path
# enable = true;
tanneberger commented 2022-12-17 19:41:28 +01:00 (Migrated from github.com)
Review
Copy link

potential security risk

potential security risk
tanneberger commented 2022-12-17 19:41:48 +01:00 (Migrated from github.com)
Review
Copy link

should be nix path

should be nix path
# ...
tanneberger commented 2022-12-17 19:41:28 +01:00 (Migrated from github.com)
Review
Copy link

potential security risk

potential security risk
tanneberger commented 2022-12-17 19:41:48 +01:00 (Migrated from github.com)
Review
Copy link

should be nix path

should be nix path
# };
tanneberger commented 2022-12-17 19:41:28 +01:00 (Migrated from github.com)
Review
Copy link

potential security risk

potential security risk
tanneberger commented 2022-12-17 19:41:48 +01:00 (Migrated from github.com)
Review
Copy link

should be nix path

should be nix path
# searchUserName = "xxx";
tanneberger commented 2022-12-17 19:41:28 +01:00 (Migrated from github.com)
Review
Copy link

potential security risk

potential security risk
tanneberger commented 2022-12-17 19:41:48 +01:00 (Migrated from github.com)
Review
Copy link

should be nix path

should be nix path
seedPath = "../config/portunus_seeds.json";
tanneberger commented 2022-12-17 19:41:28 +01:00 (Migrated from github.com)
Review
Copy link

potential security risk

potential security risk
tanneberger commented 2022-12-17 19:41:48 +01:00 (Migrated from github.com)
Review
Copy link

should be nix path

should be nix path
};
users.ldap = {
@ -68,7 +60,6 @@ in
tanneberger commented 2022-12-17 19:41:28 +01:00 (Migrated from github.com)
Review
Copy link

potential security risk

potential security risk
tanneberger commented 2022-12-17 19:41:48 +01:00 (Migrated from github.com)
Review
Copy link

should be nix path

should be nix path
tanneberger commented 2022-12-17 19:41:28 +01:00 (Migrated from github.com)
Review
Copy link

potential security risk

potential security risk
tanneberger commented 2022-12-17 19:41:48 +01:00 (Migrated from github.com)
Review
Copy link

should be nix path

should be nix path
# useTLS = true; # nicht nötig weil ldaps domain festgelegt. würde sonst starttls auf port 389 versuchen
};
# TODO: acme/letsencrypt oder andere lösung?
tanneberger commented 2022-12-17 19:41:28 +01:00 (Migrated from github.com)
Review
Copy link

potential security risk

potential security risk
tanneberger commented 2022-12-17 19:41:48 +01:00 (Migrated from github.com)
Review
Copy link

should be nix path

should be nix path
services.nginx = {
enable = true;
virtualHosts."${config.services.portunus.domain}" = {

tanneberger commented 2022-12-17 19:41:28 +01:00 (Migrated from github.com)
Review
Copy link

potential security risk

potential security risk
tanneberger commented 2022-12-17 19:41:48 +01:00 (Migrated from github.com)
Review
Copy link

should be nix path

should be nix path
tanneberger commented 2022-12-17 19:41:28 +01:00 (Migrated from github.com)
Review
Copy link

potential security risk

potential security risk
tanneberger commented 2022-12-17 19:41:48 +01:00 (Migrated from github.com)
Review
Copy link

should be nix path

should be nix path