authorIsmaël Bouya <ismael.bouya@normalesup.org>2024-06-19 01:55:44 +0200
committerIsmaël Bouya <ismael.bouya@normalesup.org>2024-07-07 02:41:54 +0200
commitc55d7e13d4e689f155f0483505181c4dd1ce5904 (patch)
treea0de40be021de6064cfc3ea1aa73f8c23f2d7c6d /systems/zoldene
parentc13500abac8938b71bc67698105957009a29f137 (diff)
Use ldap in matrix
Diffstat (limited to 'systems/zoldene')
-rw-r--r--systems/zoldene/flake.lock6
-rw-r--r--systems/zoldene/synapse.nix29
2 files changed, 32 insertions, 3 deletions
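--- a/systems/zoldene/flake.lock
+++ b/systems/zoldene/flake.lock
@@ -59,7 +59,7 @@
 "environment": {
 "locked": {
 "lastModified": 1,
-"narHash": "sha256-44KJj+te7cnv7QP9VNXCgwnWDthdW626uvKaWf8ddBE=",
+"narHash": "sha256-xrpwkilnPpT6TklQVoLrID8tWUZAH4PJ5XqhRHXGbvo=",
 "path": "../environment",
 "type": "path"
 },
@@ -436,7 +436,7 @@
 "private-environment": {
 "locked": {
 "lastModified": 1,
-"narHash": "sha256-44KJj+te7cnv7QP9VNXCgwnWDthdW626uvKaWf8ddBE=",
+"narHash": "sha256-xrpwkilnPpT6TklQVoLrID8tWUZAH4PJ5XqhRHXGbvo=",
 "path": "../../flakes/private/environment",
 "type": "path"
 },
@@ -455,7 +455,7 @@
 },
 "locked": {
 "lastModified": 1,
-"narHash": "sha256-4BSHUGdctTxvJObi9jz6S5FH22ZtIpbIZbShFP40Ds0=",
+"narHash": "sha256-zbQxRzS3bTCQO/0D/AJYNU/xwBmXgfU82PDLxVyXcAQ=",
 "path": "../../flakes/private/system",
 "type": "path"
 },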
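--- a/systems/zoldene/synapse.nix
+++ b/systems/zoldene/synapse.nix
@@ -72,9 +72,32 @@
 
 services.matrix-synapse = {
 enable = true;
+log.root.level = "WARNING";
+plugins = [
+config.services.matrix-synapse.package.plugins.matrix-synapse-ldap3
+];
 extraConfigFiles = [
 config.secrets.fullPaths."matrix/homeserver_secrets.yaml"
 ];
+settings.modules = [
+{
+module = "ldap_auth_provider.LdapAuthProviderModule";
+config = {
+enabled = true;
+uri = "ldaps://${config.myEnv.tools.matrix.ldap.host}:636";
+start_tls = false;
+base = config.myEnv.tools.matrix.ldap.base;
+attributes = {
+uid = "uid";
+mail = "mail";
+name = "cn";
+};
+bind_dn = config.myEnv.tools.matrix.ldap.dn;
+bind_password_file = config.secrets.fullPaths."matrix/ldap_password";
+filter = config.myEnv.tools.matrix.ldap.filter;
+};
+}
+];
 settings.server_name = "immae.eu";
 settings.signing_key_path = config.secrets.fullPaths."matrix/signing.key";
 settings.listeners = [
@@ -152,6 +175,12 @@
 ];
 };
 };
+secrets.keys."matrix/ldap_password" = {
+permissions = "0400";
+user = "matrix-synapse";
+group = "matrix-synapse";
+text = config.myEnv.tools.matrix.ldap.password;
+};
 secrets.keys."matrix/signing.key" = {
 permissions = "0400";
 user = "matrix-synapse";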
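Review bot: The LDAP provider entry in `settings.modules` connects over `ldaps://` but sets no `tls_options`, so whether the directory server's certificate is verified is left to the defaults of the module and ldap3, which as far as I know do not require validation. Every Matrix login now sends the user's password over this connection, and the service bind uses the password from `bind_password_file`, so I would state it explicitly with `tls_options = { validate = true; };` (adding a CA file if the directory uses a private CA) and confirm the behaviour against the matrix-synapse-ldap3 version in use. Reading the bind password from a `0400` file owned by `matrix-synapse` instead of inlining it in `settings` is the right choice; a short comment such as `# bind password is read from the secrets file, never placed in settings` would help keep it that way. The `services.matrix-synapse` block starts and ends outside the hunks shown.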