Diffstat (limited to 'modules/private/databases/openldap/default.nix')
-rw-r--r--modules/private/databases/openldap/default.nix15
1 files changed, 11 insertions, 4 deletions
diff --git a/modules/private/databases/openldap/default.nix b/modules/private/databases/openldap/default.nix
index e00f4c2..f4851b5 100644
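--- a/modules/private/databases/openldap/default.nix
+++ b/modules/private/databases/openldap/default.nix
@@ -98,7 +98,14 @@ in
 permissions = "0400";
 user = "openldap";
 group = "openldap";
-text = builtins.readFile "${cfg.accessFile}";
+text = builtins.readFile cfg.accessFile;
+}
+{
+dest = "ldap";
+permissions = "0500";
+user = "openldap";
+group = "openldap";
+isDir = true;
 }
 ];
 users.users.openldap.extraGroups = [ "keys" ];
@@ -115,7 +122,7 @@ in
 
 services.filesWatcher.openldap = {
 restart = true;
-paths = [ "${config.secrets.location}/ldap/" ];
+paths = [ config.secrets.fullPaths."ldap" ];
 };
 
 services.openldap = {
@@ -132,9 +139,9 @@ in
 overlay syncprov
 syncprov-checkpoint 100 10
 
-include ${config.secrets.location}/ldap/access
+include ${config.secrets.fullPaths."ldap/access"}
 '';
-rootpwFile = "${config.secrets.location}/ldap/password";
+rootpwFile = config.secrets.fullPaths."ldap/password";
 suffix = cfg.baseDn;
 rootdn = cfg.rootDn;
 database = "hdb";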
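Review bot: In the first hunk, `text = builtins.readFile cfg.accessFile;` should carry a comment recording why the interpolation was dropped. If `cfg.accessFile` is a Nix path, `"${cfg.accessFile}"` copies the ACL file into the world-readable store before reading it, while the bare form reads it in place; the option's type is declared outside the hunk, so this is only a concern for the path case. A line such as `# no "${...}": interpolating a path would copy the ACL file into /nix/store` would keep a later cleanup from reverting it. Whether the `text` value itself stays out of the store depends on the secrets module, which this page does not show. The new `isDir = true` entry appears to exist so that `config.secrets.fullPaths."ldap"` resolves for the filesWatcher in the second hunk, and a one-line comment saying so would help the next reader.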