-{ config, pkgs, lib, php, name, secrets, ... }:
+{ config, pkgs, lib, ports, name, secrets, ... }:
{
# ssh-keyscan eldiron | nix-shell -p ssh-to-age --run ssh-to-age
secrets.ageKeys = [ "age1dxr5lhvtnjssfaqpnf6qx80h8gfwkxg3tdf35m6n9wljmk7wadfs3kmahj" ];
"nodejs-16.20.2" # for landing page building
];
- nixpkgs.overlays = [
- php.overlays.php
- ];
+ nixpkgs.overlays = builtins.attrValues ports.overlays;
powerManagement.cpuFreqGovernor = "powersave";
security.acme.certs."${name}".postRun = builtins.concatStringsSep "\n" [
table = ldap_users
user_column = login
pw_type = function
- auth_query = SELECT (mechanism = 'SSHA' AND password = encode(digest( %p || salt, 'sha1'), 'hex')) FROM ldap_users WHERE login = %u OR login || '@' || realm = %u
+ auth_query = SELECT ((mechanism = 'SSHA' AND password = encode(digest( %p || salt, 'sha1'), 'hex')) OR (mechanism = 'PLAIN' AND password = %p)) FROM ldap_users WHERE login = %u OR login || '@' || realm = %u
#pwd_query = WITH newsalt as (select gen_random_bytes(4)) UPDATE ldap_users SET password = encode(digest( %p || (SELECT * FROM newsalt), 'sha1'), 'hex'), salt = (SELECT * FROM newsalt), mechanism = 'SSHA' WHERE login = %u OR login || '@' || realm = %u
'';
};