aboutsummaryrefslogtreecommitdiff
path: root/virtual/modules/databases
diff options
context:
space:
mode:
Diffstat (limited to 'virtual/modules/databases')
-rw-r--r--virtual/modules/databases/default.nix12
1 files changed, 5 insertions, 7 deletions
diff --git a/virtual/modules/databases/default.nix b/virtual/modules/databases/default.nix
index e3a5612..0912830 100644
--- a/virtual/modules/databases/default.nix
+++ b/virtual/modules/databases/default.nix
@@ -1,4 +1,4 @@
1{ lib, pkgs, config, mylibs, ... }: 1{ lib, pkgs, config, myconfig, mylibs, ... }:
2let 2let
3 cfg = config.services.myDatabases; 3 cfg = config.services.myDatabases;
4in { 4in {
@@ -112,20 +112,18 @@ in {
112 112
113 security.pam.services = let 113 security.pam.services = let
114 pam_ldap = pkgs.pam_ldap; 114 pam_ldap = pkgs.pam_ldap;
115 pam_ldap_mysql = assert mylibs.checkEnv "NIXOPS_MYSQL_PAM_PASSWORD"; 115 pam_ldap_mysql = pkgs.writeText "mysql.conf" ''
116 pkgs.writeText "mysql.conf" ''
117 host ldap.immae.eu 116 host ldap.immae.eu
118 base dc=immae,dc=eu 117 base dc=immae,dc=eu
119 binddn cn=mysql,cn=pam,ou=services,dc=immae,dc=eu 118 binddn cn=mysql,cn=pam,ou=services,dc=immae,dc=eu
120 bindpw ${builtins.getEnv "NIXOPS_MYSQL_PAM_PASSWORD"} 119 bindpw ${myconfig.env.databases.mysql.pam_password}
121 pam_filter memberOf=cn=users,cn=mysql,cn=pam,ou=services,dc=immae,dc=eu 120 pam_filter memberOf=cn=users,cn=mysql,cn=pam,ou=services,dc=immae,dc=eu
122 ''; 121 '';
123 pam_ldap_postgresql_replication = assert mylibs.checkEnv "NIXOPS_ELDIRON_LDAP_PASSWORD"; 122 pam_ldap_postgresql_replication = pkgs.writeText "postgresql.conf" ''
124 pkgs.writeText "postgresql.conf" ''
125 host ldap.immae.eu 123 host ldap.immae.eu
126 base dc=immae,dc=eu 124 base dc=immae,dc=eu
127 binddn cn=eldiron,ou=hosts,dc=immae,dc=eu 125 binddn cn=eldiron,ou=hosts,dc=immae,dc=eu
128 bindpw ${builtins.getEnv "NIXOPS_ELDIRON_LDAP_PASSWORD"} 126 bindpw ${myconfig.env.ldap.password}
129 pam_login_attribute cn 127 pam_login_attribute cn
130 ''; 128 '';
131 in [ 129 in [