index uid pres,eq
index entryUUID eq
- include ${config.secrets.location}/openldap_replication/${name}/replication_config
+ include ${config.secrets.fullPaths."openldap_replication/${name}/replication_config"}
'';
in
{
};
users.groups.openldap.gid = config.ids.gids.openldap;
- secrets.keys = lib.flatten (lib.mapAttrsToList (name: hcfg: [
- {
- dest = "openldap_replication/${name}/replication_config";
+ secrets.keys = lib.listToAttrs (lib.flatten (lib.mapAttrsToList (name: hcfg: [
+ (lib.nameValuePair "openldap_replication/${name}/replication_config" {
user = "openldap";
group = "openldap";
permissions = "0400";
binddn="${hcfg.dn}"
credentials="${hcfg.password}"
'';
- }
- {
- dest = "openldap_replication/${name}/replication_password";
+ })
+ (lib.nameValuePair "openldap_replication/${name}/replication_password" {
user = "openldap";
group = "openldap";
permissions = "0400";
text = hcfg.password;
- }
- ]) cfg.hosts);
+ })
+ ]) cfg.hosts));
services.cron = {
enable = true;