-{ lib, pkgs, config, mylibs, ... }:
+{ lib, pkgs, config, myconfig, mylibs, ... }:
let
cfg = config.services.myDatabases;
in {
security.pam.services = let
pam_ldap = pkgs.pam_ldap;
- pam_ldap_mysql = assert mylibs.checkEnv "NIXOPS_MYSQL_PAM_PASSWORD";
- pkgs.writeText "mysql.conf" ''
+ pam_ldap_mysql = pkgs.writeText "mysql.conf" ''
host ldap.immae.eu
base dc=immae,dc=eu
binddn cn=mysql,cn=pam,ou=services,dc=immae,dc=eu
- bindpw ${builtins.getEnv "NIXOPS_MYSQL_PAM_PASSWORD"}
+ bindpw ${myconfig.env.databases.mysql.pam_password}
pam_filter memberOf=cn=users,cn=mysql,cn=pam,ou=services,dc=immae,dc=eu
'';
- pam_ldap_postgresql_replication = assert mylibs.checkEnv "NIXOPS_ELDIRON_LDAP_PASSWORD";
- pkgs.writeText "postgresql.conf" ''
+ pam_ldap_postgresql_replication = pkgs.writeText "postgresql.conf" ''
host ldap.immae.eu
base dc=immae,dc=eu
binddn cn=eldiron,ou=hosts,dc=immae,dc=eu
- bindpw ${builtins.getEnv "NIXOPS_ELDIRON_LDAP_PASSWORD"}
+ bindpw ${myconfig.env.ldap.password}
pam_login_attribute cn
'';
in [