diff options
Diffstat (limited to 'virtual/modules/databases')
-rw-r--r-- | virtual/modules/databases/default.nix | 12 |
1 files changed, 5 insertions, 7 deletions
diff --git a/virtual/modules/databases/default.nix b/virtual/modules/databases/default.nix index e3a5612..0912830 100644 --- a/virtual/modules/databases/default.nix +++ b/virtual/modules/databases/default.nix | |||
@@ -1,4 +1,4 @@ | |||
1 | { lib, pkgs, config, mylibs, ... }: | 1 | { lib, pkgs, config, myconfig, mylibs, ... }: |
2 | let | 2 | let |
3 | cfg = config.services.myDatabases; | 3 | cfg = config.services.myDatabases; |
4 | in { | 4 | in { |
@@ -112,20 +112,18 @@ in { | |||
112 | 112 | ||
113 | security.pam.services = let | 113 | security.pam.services = let |
114 | pam_ldap = pkgs.pam_ldap; | 114 | pam_ldap = pkgs.pam_ldap; |
115 | pam_ldap_mysql = assert mylibs.checkEnv "NIXOPS_MYSQL_PAM_PASSWORD"; | 115 | pam_ldap_mysql = pkgs.writeText "mysql.conf" '' |
116 | pkgs.writeText "mysql.conf" '' | ||
117 | host ldap.immae.eu | 116 | host ldap.immae.eu |
118 | base dc=immae,dc=eu | 117 | base dc=immae,dc=eu |
119 | binddn cn=mysql,cn=pam,ou=services,dc=immae,dc=eu | 118 | binddn cn=mysql,cn=pam,ou=services,dc=immae,dc=eu |
120 | bindpw ${builtins.getEnv "NIXOPS_MYSQL_PAM_PASSWORD"} | 119 | bindpw ${myconfig.env.databases.mysql.pam_password} |
121 | pam_filter memberOf=cn=users,cn=mysql,cn=pam,ou=services,dc=immae,dc=eu | 120 | pam_filter memberOf=cn=users,cn=mysql,cn=pam,ou=services,dc=immae,dc=eu |
122 | ''; | 121 | ''; |
123 | pam_ldap_postgresql_replication = assert mylibs.checkEnv "NIXOPS_ELDIRON_LDAP_PASSWORD"; | 122 | pam_ldap_postgresql_replication = pkgs.writeText "postgresql.conf" '' |
124 | pkgs.writeText "postgresql.conf" '' | ||
125 | host ldap.immae.eu | 123 | host ldap.immae.eu |
126 | base dc=immae,dc=eu | 124 | base dc=immae,dc=eu |
127 | binddn cn=eldiron,ou=hosts,dc=immae,dc=eu | 125 | binddn cn=eldiron,ou=hosts,dc=immae,dc=eu |
128 | bindpw ${builtins.getEnv "NIXOPS_ELDIRON_LDAP_PASSWORD"} | 126 | bindpw ${myconfig.env.ldap.password} |
129 | pam_login_attribute cn | 127 | pam_login_attribute cn |
130 | ''; | 128 | ''; |
131 | in [ | 129 | in [ |