Add ldap configuration for httpd

author: Ismaël Bouya <ismael.bouya@normalesup.org> 2018-12-29 11:02:50 +0100
committer: Ismaël Bouya <ismael.bouya@normalesup.org> 2018-12-29 11:02:50 +0100
commit: 95413adffe969f33cb560227735ab4b32d9d390a (patch)
tree: c351508e0a9a93fe64d923c9fc6c9e714594ee63
parent: 1bb2ff2cfbffcdc571bc2f8b171ca892c8aebece (diff)
download: Nix-95413adffe969f33cb560227735ab4b32d9d390a.tar.gz
Nix-95413adffe969f33cb560227735ab4b32d9d390a.tar.zst
Nix-95413adffe969f33cb560227735ab4b32d9d390a.zip
1 files changed, 23 insertions, 0 deletions
diff --git a/virtual/eldiron.nix b/virtual/eldiron.nix
index c347029..50aaeab 100644
--- a/virtual/eldiron.nix
+++ b/virtual/eldiron.nix
@@ -88,7 +88,30 @@
      adminAddr = "httpd@immae.eu";
      extraModules = [
        "proxy_fcgi" # for PHP
+        "macro"
+        "ldap"
+        "authnz_ldap"
      ];
+      extraConfig = ''
+        <IfModule ldap_module>
+          LDAPSharedCacheSize 500000
+          LDAPCacheEntries 1024
+          LDAPCacheTTL 600
+          LDAPOpCacheEntries 1024
+          LDAPOpCacheTTL 600
+        </IfModule>
+        <Macro LDAPConnect>
+          <IfModule authnz_ldap_module>
+            AuthLDAPURL          ldap://ldap.immae.eu:389/dc=immae,dc=eu
+            AuthLDAPBindDN       cn=httpd,ou=services,dc=immae,dc=eu
+            AuthLDAPBindPassword "${builtins.getEnv "NIXOPS_HTTP_LDAP_PASSWORD"}"
+            AuthType             Basic
+            AuthName             "Authentification requise (Acces LDAP)"
+            AuthBasicProvider    ldap
+          </IfModule>
+        </Macro>
+        '';
      virtualHosts = [
        (withSSL "eldiron" // {
          listen = [ { ip = "*"; port = 443; } ];
author	Ismaël Bouya <ismael.bouya@normalesup.org>	2018-12-29 11:02:50 +0100
committer	Ismaël Bouya <ismael.bouya@normalesup.org>	2018-12-29 11:02:50 +0100
commit	95413adffe969f33cb560227735ab4b32d9d390a (patch)
tree	c351508e0a9a93fe64d923c9fc6c9e714594ee63
parent	1bb2ff2cfbffcdc571bc2f8b171ca892c8aebece (diff)
download	Nix-95413adffe969f33cb560227735ab4b32d9d390a.tar.gz Nix-95413adffe969f33cb560227735ab4b32d9d390a.tar.zst Nix-95413adffe969f33cb560227735ab4b32d9d390a.zip

diff --git a/virtual/eldiron.nix b/virtual/eldiron.nix index c347029..50aaeab 100644 --- a/virtual/eldiron.nix +++ b/virtual/eldiron.nix
@@ -88,7 +88,30 @@
88	adminAddr = "httpd@immae.eu";	88	adminAddr = "httpd@immae.eu";
89	extraModules = [	89	extraModules = [
90	"proxy_fcgi" # for PHP	90	"proxy_fcgi" # for PHP
		91	"macro"
		92	"ldap"
		93	"authnz_ldap"
91	];	94	];
		95	extraConfig = ''
		96	<IfModule ldap_module>
		97	LDAPSharedCacheSize 500000
		98	LDAPCacheEntries 1024
		99	LDAPCacheTTL 600
		100	LDAPOpCacheEntries 1024
		101	LDAPOpCacheTTL 600
		102	</IfModule>
		103
		104	<Macro LDAPConnect>
		105	<IfModule authnz_ldap_module>
		106	AuthLDAPURL ldap://ldap.immae.eu:389/dc=immae,dc=eu
		107	AuthLDAPBindDN cn=httpd,ou=services,dc=immae,dc=eu
		108	AuthLDAPBindPassword "${builtins.getEnv "NIXOPS_HTTP_LDAP_PASSWORD"}"
		109	AuthType Basic
		110	AuthName "Authentification requise (Acces LDAP)"
		111	AuthBasicProvider ldap
		112	</IfModule>
		113	</Macro>
		114	'';
92	virtualHosts = [	115	virtualHosts = [
93	(withSSL "eldiron" // {	116	(withSSL "eldiron" // {
94	listen = [ { ip = "*"; port = 443; } ];	117	listen = [ { ip = "*"; port = 443; } ];