From 95413adffe969f33cb560227735ab4b32d9d390a Mon Sep 17 00:00:00 2001
From: =?utf8?q?Isma=C3=ABl=20Bouya?= <ismael.bouya@normalesup.org>
Date: Sat, 29 Dec 2018 11:02:50 +0100
Subject: [PATCH] Add ldap configuration for httpd

---
 virtual/eldiron.nix | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

diff --git a/virtual/eldiron.nix b/virtual/eldiron.nix
index c347029..50aaeab 100644
--- a/virtual/eldiron.nix
+++ b/virtual/eldiron.nix
@@ -88,7 +88,30 @@
       adminAddr = "httpd@immae.eu";
       extraModules = [
         "proxy_fcgi" # for PHP
+        "macro"
+        "ldap"
+        "authnz_ldap"
       ];
+      extraConfig = ''
+        <IfModule ldap_module>
+          LDAPSharedCacheSize 500000
+          LDAPCacheEntries 1024
+          LDAPCacheTTL 600
+          LDAPOpCacheEntries 1024
+          LDAPOpCacheTTL 600
+        </IfModule>
+
+        <Macro LDAPConnect>
+          <IfModule authnz_ldap_module>
+            AuthLDAPURL          ldap://ldap.immae.eu:389/dc=immae,dc=eu
+            AuthLDAPBindDN       cn=httpd,ou=services,dc=immae,dc=eu
+            AuthLDAPBindPassword "${builtins.getEnv "NIXOPS_HTTP_LDAP_PASSWORD"}"
+            AuthType             Basic
+            AuthName             "Authentification requise (Acces LDAP)"
+            AuthBasicProvider    ldap
+          </IfModule>
+        </Macro>
+        '';
       virtualHosts = [
         (withSSL "eldiron" // {
           listen = [ { ip = "*"; port = 443; } ];
-- 
2.41.0