};
config = lib.mkIf cfg.enable {
- nixpkgs.config.packageOverrides = oldpkgs: rec {
+ nixpkgs.overlays = [ (self: super: rec {
mariadb = mariadbPAM;
- mariadbPAM = oldpkgs.mariadb.overrideAttrs(old: rec {
+ mariadbPAM = super.mariadb.overrideAttrs(old: rec {
cmakeFlags = old.cmakeFlags ++ [ "-DWITH_AUTHENTICATION_PAM=ON" ];
- buildInputs = old.buildInputs ++ [ pkgs.pam ];
+ buildInputs = old.buildInputs ++ [ self.pam ];
});
- };
+ }) ];
networking.firewall.allowedTCPPorts = [ 3306 ];
'';
};
+ services.cron = {
+ enable = true;
+ systemCronJobs = let
+ mycnf = pkgs.writeText "my.cnf" ''
+ [mysqldump]
+ user = root
+ password = ${myconfig.env.databases.mysql.systemUsers.root}
+ '';
+ in [
+ ''
+ 30 1,13 * * * root ${pkgs.mariadb}/bin/mysqldump --defaults-file=${mycnf} --all-databases > /var/lib/mysql/backup.sql
+ ''
+ ];
+ };
+
security.pam.services = let
pam_ldap = "${pkgs.pam_ldap}/lib/security/pam_ldap.so";
pam_ldap_mysql = with myconfig.env.databases.mysql.pam;