Use acme directory config rather than hardcoding the value

author: Ismaël Bouya <ismael.bouya@normalesup.org> 2019-05-17 01:43:18 +0200
committer: Ismaël Bouya <ismael.bouya@normalesup.org> 2019-05-17 01:43:18 +0200
commit: 9ade8f6eb774dc7d19d82a070199b5024786b819 (patch)
tree: e5a2d49050d4a426fa1d0412d88bbfab11b500d3 /modules/private/databases/openldap
parent: 182ae57f53731be220075bc87aff4d47a35563b8 (diff)
download: Nix-9ade8f6eb774dc7d19d82a070199b5024786b819.tar.gz
Nix-9ade8f6eb774dc7d19d82a070199b5024786b819.tar.zst
Nix-9ade8f6eb774dc7d19d82a070199b5024786b819.zip
1 files changed, 3 insertions, 3 deletions
diff --git a/modules/private/databases/openldap/default.nix b/modules/private/databases/openldap/default.nix
index 850f3ff..46f85d2 100644
--- a/modules/private/databases/openldap/default.nix
+++ b/modules/private/databases/openldap/default.nix
@@ -33,9 +33,9 @@ let
    directory       ${cfg.dataDir}
    overlay         memberof
-    TLSCertificateFile    /var/lib/acme/ldap/cert.pem
+    TLSCertificateFile    ${config.security.acme.directory}/ldap/cert.pem
-    TLSCertificateKeyFile /var/lib/acme/ldap/key.pem
+    TLSCertificateKeyFile ${config.security.acme.directory}/ldap/key.pem
-    TLSCACertificateFile  /var/lib/acme/ldap/fullchain.pem
+    TLSCACertificateFile  ${config.security.acme.directory}/ldap/fullchain.pem
    TLSCACertificatePath  ${pkgs.cacert.unbundled}/etc/ssl/certs/
    #This makes openldap crash
    #TLSCipherSuite        DEFAULT
author	Ismaël Bouya <ismael.bouya@normalesup.org>	2019-05-17 01:43:18 +0200
committer	Ismaël Bouya <ismael.bouya@normalesup.org>	2019-05-17 01:43:18 +0200
commit	9ade8f6eb774dc7d19d82a070199b5024786b819 (patch)
tree	e5a2d49050d4a426fa1d0412d88bbfab11b500d3 /modules/private/databases/openldap
parent	182ae57f53731be220075bc87aff4d47a35563b8 (diff)
download	Nix-9ade8f6eb774dc7d19d82a070199b5024786b819.tar.gz Nix-9ade8f6eb774dc7d19d82a070199b5024786b819.tar.zst Nix-9ade8f6eb774dc7d19d82a070199b5024786b819.zip

diff --git a/modules/private/databases/openldap/default.nix b/modules/private/databases/openldap/default.nix index 850f3ff..46f85d2 100644 --- a/modules/private/databases/openldap/default.nix +++ b/modules/private/databases/openldap/default.nix
@@ -33,9 +33,9 @@ let
33	directory ${cfg.dataDir}	33	directory ${cfg.dataDir}
34	overlay memberof	34	overlay memberof
35		35
36	TLSCertificateFile /var/lib/acme/ldap/cert.pem	36	TLSCertificateFile ${config.security.acme.directory}/ldap/cert.pem
37	TLSCertificateKeyFile /var/lib/acme/ldap/key.pem	37	TLSCertificateKeyFile ${config.security.acme.directory}/ldap/key.pem
38	TLSCACertificateFile /var/lib/acme/ldap/fullchain.pem	38	TLSCACertificateFile ${config.security.acme.directory}/ldap/fullchain.pem
39	TLSCACertificatePath ${pkgs.cacert.unbundled}/etc/ssl/certs/	39	TLSCACertificatePath ${pkgs.cacert.unbundled}/etc/ssl/certs/
40	#This makes openldap crash	40	#This makes openldap crash
41	#TLSCipherSuite DEFAULT	41	#TLSCipherSuite DEFAULT