Diffstat (limited to 'modules/private/system/quatresaisons.nix')
-rw-r--r--modules/private/system/quatresaisons.nix12
1 files changed, 6 insertions, 6 deletions
diff --git a/modules/private/system/quatresaisons.nix b/modules/private/system/quatresaisons.nix
index 0148650..491e215 100644
--- a/modules/private/system/quatresaisons.nix
+++ b/modules/private/system/quatresaisons.nix
@@ -53,7 +53,7 @@ let
53 chmod go-rwx /var/lib/nixos/sponsored_users 53 chmod go-rwx /var/lib/nixos/sponsored_users
54 echo "$mygroup $1 $2" >> /var/lib/nixos/sponsored_users 54 echo "$mygroup $1 $2" >> /var/lib/nixos/sponsored_users
55 (${pkgs.openldap}/bin/ldapadd -c -D cn=root,dc=salle-s,dc=org \ 55 (${pkgs.openldap}/bin/ldapadd -c -D cn=root,dc=salle-s,dc=org \
56 -y /var/secrets/ldap/sync_password 2>/dev/null >/dev/null || true) <<EOF 56 -y ${config.secrets.fullPaths."ldap/sync_password"} 2>/dev/null >/dev/null || true) <<EOF
57 dn: uid=$1,uid=$mygroup,ou=users,dc=salle-s,dc=org 57 dn: uid=$1,uid=$mygroup,ou=users,dc=salle-s,dc=org
58 objectClass: inetOrgPerson 58 objectClass: inetOrgPerson
59 cn: $1 59 cn: $1
@@ -74,7 +74,7 @@ let
74 userdel -r "$1" 74 userdel -r "$1"
75 sed -i -e "/^$mygroup $1/d" /var/lib/nixos/sponsored_users 75 sed -i -e "/^$mygroup $1/d" /var/lib/nixos/sponsored_users
76 ${pkgs.openldap}/bin/ldapdelete -D cn=root,dc=salle-s,dc=org \ 76 ${pkgs.openldap}/bin/ldapdelete -D cn=root,dc=salle-s,dc=org \
77 -y /var/secrets/ldap/sync_password \ 77 -y ${config.secrets.fullPaths."ldap/sync_password"} \
78 "uid=$1,uid=$mygroup,ou=users,dc=salle-s,dc=org" 78 "uid=$1,uid=$mygroup,ou=users,dc=salle-s,dc=org"
79 echo "deleted" 79 echo "deleted"
80 exit 0 80 exit 0
@@ -103,7 +103,7 @@ let
103 if [ "$1" = "$mygroup" ]; then 103 if [ "$1" = "$mygroup" ]; then
104 log "resets web password" 104 log "resets web password"
105 ${pkgs.openldap}/bin/ldappasswd -D cn=root,dc=salle-s,dc=org \ 105 ${pkgs.openldap}/bin/ldappasswd -D cn=root,dc=salle-s,dc=org \
106 -y /var/secrets/ldap/sync_password \ 106 -y ${config.secrets.fullPaths."ldap/sync_password"} \
107 -S "uid=$mygroup,ou=users,dc=salle-s,dc=org" 107 -S "uid=$mygroup,ou=users,dc=salle-s,dc=org"
108 else 108 else
109 IFS=","; 109 IFS=",";
@@ -111,7 +111,7 @@ let
111 if [ "$u" = "$1" ]; then 111 if [ "$u" = "$1" ]; then
112 log "resets web password of $1" 112 log "resets web password of $1"
113 ${pkgs.openldap}/bin/ldappasswd -D cn=root,dc=salle-s,dc=org \ 113 ${pkgs.openldap}/bin/ldappasswd -D cn=root,dc=salle-s,dc=org \
114 -y /var/secrets/ldap/sync_password \ 114 -y ${config.secrets.fullPaths."ldap/sync_password"} \
115 -S "uid=$1,uid=$mygroup,ou=users,dc=salle-s,dc=org" 115 -S "uid=$1,uid=$mygroup,ou=users,dc=salle-s,dc=org"
116 exit 0 116 exit 0
117 fi 117 fi
@@ -221,10 +221,10 @@ in
221 deps = [ "secrets" "users" ]; 221 deps = [ "secrets" "users" ];
222 text = 222 text =
223 let 223 let
224 com = "-D cn=root,dc=salle-s,dc=org -y /var/secrets/ldap/sync_password"; 224 com = "-D cn=root,dc=salle-s,dc=org -y ${config.secrets.fullPaths."ldap/sync_password"}";
225 in '' 225 in ''
226 # Add users 226 # Add users
227 ${pkgs.openldap}/bin/ldapadd -c ${com} -f /var/secrets/ldap/ldaptree.ldif 2>/dev/null >/dev/null || true 227 ${pkgs.openldap}/bin/ldapadd -c ${com} -f ${config.secrets.fullPaths."ldap/ldaptree.ldif"} 2>/dev/null >/dev/null || true
228 228
229 # Remove obsolete users 229 # Remove obsolete users
230 ${pkgs.openldap}/bin/ldapsearch -LLL ${com} -s one -b "ou=users,dc=salle-s,dc=org" "uid" |\ 230 ${pkgs.openldap}/bin/ldapsearch -LLL ${com} -s one -b "ou=users,dc=salle-s,dc=org" "uid" |\
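Review bot: The secret path now comes from `config.secrets.fullPaths` but is interpolated unquoted into the generated shell at every `-y` site (new lines 56, 77, 106, 114) and inside `com` (224, used at 227 and 230), so correct word splitting depends on a value defined outside this file. Quoting at the point of use, e.g. `-y ${lib.escapeShellArg config.secrets.fullPaths."ldap/sync_password"}` (assuming `lib` is in scope here), keeps a path with whitespace or shell metacharacters from being split or expanded; the same applies to the `-f` argument on 227. This matters more because the `ldapadd` calls at 55–56 and 227 end in `2>/dev/null >/dev/null || true`, so a wrong or unreadable password file would fail silently there. The scripts these hunks belong to start and end outside the visible lines.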