pyrox.dev / nixpkgs
lol
fork atom

lldap: lldap 0.6.1 -> 0.6.2

ibizaman 078b5bba 42b6d626

options
unified split
Changed files
+61 -95
nixos
modules
services
databases
lldap.nix
tests
lldap.nix
pkgs
by-name
ll
lldap
0001-parameterize-frontend-location.patch
package.nix
+39 -15
nixos/modules/services/databases/lldap.nix 
···

       
2

       
2

       
 

       
  config,


     

       
3

       
3

       
 

       
  lib,


     

       
4

       
4

       
 

       
  pkgs,


     

       
5

       

       
-

       
  utils,


     

       
6

       
5

       
 

       
  ...


     

       
7

       
6

       
 

       
}:


     

       
8

       
7

       
 

       



     
···

       
103

       
102

       
 

       
            example = "postgres://postgres-user:password@postgres-server/my-database";


     

       
104

       
103

       
 

       
          };


     

       
105

       
104

       
 

       



     

       

       
105

       
+

       
          ldap_user_pass = mkOption {


     

       

       
106

       
+

       
            type = types.nullOr types.str;


     

       

       
107

       
+

       
            default = null;


     

       

       
108

       
+

       
            description = ''


     

       

       
109

       
+

       
              Password for default admin password.


     

       

       
110

       
+

       



     

       

       
111

       
+

       
              Unsecure: Use `ldap_user_pass_file` settings instead.


     

       

       
112

       
+

       
            '';


     

       

       
113

       
+

       
          };


     

       

       
114

       
+

       



     

       
106

       
115

       
 

       
          ldap_user_pass_file = mkOption {


     

       
107

       
116

       
 

       
            type = types.nullOr types.str;


     

       
108

       
117

       
 

       
            default = null;


     
···

       
163

       
172

       
 

       
  };


     

       
164

       
173

       
 

       



     

       
165

       
174

       
 

       
  config = lib.mkIf cfg.enable {


     

       

       
175

       
+

       
    assertions = [


     

       

       
176

       
+

       
      {


     

       

       
177

       
+

       
        assertion =


     

       

       
178

       
+

       
          (cfg.settings.ldap_user_pass_file or null) != null || (cfg.settings.ldap_user_pass or null) != null;


     

       

       
179

       
+

       
        message = "lldap: Default admin user password must be set. Please set the `ldap_user_pass` or better the `ldap_user_pass_file` setting.";


     

       

       
180

       
+

       
      }


     

       

       
181

       
+

       
      {


     

       

       
182

       
+

       
        assertion =


     

       

       
183

       
+

       
          (cfg.settings.ldap_user_pass_file or null) == null || (cfg.settings.ldap_user_pass or null) == null;


     

       

       
184

       
+

       
        message = "lldap: Both `ldap_user_pass` and `ldap_user_pass_file` settings should not be set at the same time. Set one to `null`.";


     

       

       
185

       
+

       
      }


     

       

       
186

       
+

       
    ];


     

       

       
187

       
+

       



     

       
166

       
188

       
 

       
    warnings =


     

       
167

       

       
-

       
      lib.optionals


     

       
168

       

       
-

       
        (


     

       
169

       

       
-

       
          (cfg.settings.ldap_user_pass_file or null) != null


     

       
170

       

       
-

       
          && cfg.settings.force_ldap_user_pass_reset == false


     

       
171

       

       
-

       
          && cfg.silenceForceUserPassResetWarning == false


     

       
172

       

       
-

       
        )


     

       
173

       

       
-

       
        [


     

       
174

       

       
-

       
          ''


     

       
175

       

       
-

       
            lldap: The default admin password is declared with the setting `ldap_user_pass_file`, but `force_ldap_user_pass_reset` is set to `false`.


     

       
176

       

       
-

       
            This means the admin password can be changed through the UI and will drift from the one defined in your nix config.


     

       
177

       

       
-

       
            It also means changing the setting `ldap_user_pass_file` will have no effect on the admin password.


     

       
178

       

       
-

       
            Either set `force_ldap_user_pass_reset` to `"always"` or silence this warning by setting the option `services.lldap.silenceForceUserPassResetWarning` to `true`.


     

       
179

       

       
-

       
          ''


     

       
180

       

       
-

       
        ];


     

       

       
189

       
+

       
      lib.optionals (cfg.settings.ldap_user_pass or null != null) [


     

       

       
190

       
+

       
        ''


     

       

       
191

       
+

       
          lldap: Unsecure `ldap_user_pass` setting is used. Prefer `ldap_user_pass_file` instead.


     

       

       
192

       
+

       
        ''


     

       

       
193

       
+

       
      ]


     

       

       
194

       
+

       
      ++


     

       

       
195

       
+

       
        lib.optionals


     

       

       
196

       
+

       
          (cfg.settings.force_ldap_user_pass_reset == false && cfg.silenceForceUserPassResetWarning == false)


     

       

       
197

       
+

       
          [


     

       

       
198

       
+

       
            ''


     

       

       
199

       
+

       
              lldap: The `force_ldap_user_pass_reset` setting is set to `false` which means


     

       

       
200

       
+

       
              the admin password can be changed through the UI and will drift from the one defined in your nix config.


     

       

       
201

       
+

       
              It also means changing the setting `ldap_user_pass` or `ldap_user_pass_file` will have no effect on the admin password.


     

       

       
202

       
+

       
              Either set `force_ldap_user_pass_reset` to `"always"` or silence this warning by setting the option `services.lldap.silenceForceUserPassResetWarning` to `true`.


     

       

       
203

       
+

       
            ''


     

       

       
204

       
+

       
          ];


     

       
181

       
205

       
 

       



     

       
182

       
206

       
 

       
    systemd.services.lldap = {


     

       
183

       
207

       
 

       
      description = "Lightweight LDAP server (lldap)";
+6 -2
nixos/tests/lldap.nix 
···

       
6

       
6

       
 

       
  name = "lldap";


     

       
7

       
7

       
 

       



     

       
8

       
8

       
 

       
  nodes.machine =


     

       
9

       

       
-

       
    { pkgs, ... }:


     

       

       
9

       
+

       
    { pkgs, lib, ... }:


     

       
10

       
10

       
 

       
    {


     

       
11

       
11

       
 

       
      services.lldap = {


     

       
12

       
12

       
 

       
        enable = true;


     
···

       
14

       
14

       
 

       
        settings = {


     

       
15

       
15

       
 

       
          verbose = true;


     

       
16

       
16

       
 

       
          ldap_base_dn = "dc=example,dc=com";


     

       

       
17

       
+

       



     

       

       
18

       
+

       
          ldap_user_pass = "password";


     

       
17

       
19

       
 

       
        };


     

       
18

       
20

       
 

       
      };


     

       
19

       
21

       
 

       
      environment.systemPackages = [ pkgs.openldap ];


     
···

       
23

       
25

       
 

       
          { ... }:


     

       
24

       
26

       
 

       
          {


     

       
25

       
27

       
 

       
            services.lldap.settings = {


     

       
26

       

       
-

       
              ldap_user_pass_file = toString (pkgs.writeText "adminPasswordFile" adminPassword);


     

       

       
28

       
+

       
              ldap_user_pass = lib.mkForce null;


     

       

       
29

       
+

       
              ldap_user_pass_file = lib.mkForce (toString (pkgs.writeText "adminPasswordFile" adminPassword));


     

       
27

       
30

       
 

       
              force_ldap_user_pass_reset = "always";


     

       
28

       
31

       
 

       
            };


     

       
29

       
32

       
 

       
          };


     
···

       
32

       
35

       
 

       
          { ... }:


     

       
33

       
36

       
 

       
          {


     

       
34

       
37

       
 

       
            services.lldap.settings = {


     

       

       
38

       
+

       
              ldap_user_pass = lib.mkForce null;


     

       
35

       
39

       
 

       
              ldap_user_pass_file = toString (pkgs.writeText "adminPasswordFile" "password");


     

       
36

       
40

       
 

       
              force_ldap_user_pass_reset = false;


     

       
37

       
41

       
 

       
            };
-64
pkgs/by-name/ll/lldap/0001-parameterize-frontend-location.patch 
···

       
1

       

       
-

       
From a09babb0cd9dd532ad2de920a2a35aa03d740dc6 Mon Sep 17 00:00:00 2001


     

       
2

       

       
-

       
From: Herwig Hochleitner <herwig@bendlas.net>


     

       
3

       

       
-

       
Date: Thu, 8 Aug 2024 00:29:14 +0200


     

       
4

       

       
-

       
Subject: [PATCH] parameterize frontend location


     

       
5

       

       
-

       



     

       
6

       

       
-

       
---


     

       
7

       

       
-

       
 server/src/infra/tcp_server.rs | 14 +++++++-------


     

       
8

       

       
-

       
 1 file changed, 7 insertions(+), 7 deletions(-)


     

       
9

       

       
-

       



     

       
10

       

       
-

       
diff --git a/server/src/infra/tcp_server.rs b/server/src/infra/tcp_server.rs


     

       
11

       

       
-

       
index fa5f11f..16e64c5 100644


     

       
12

       

       
-

       
--- a/server/src/infra/tcp_server.rs


     

       
13

       

       
-

       
+++ b/server/src/infra/tcp_server.rs


     

       
14

       

       
-

       
@@ -25,7 +25,7 @@ use std::sync::RwLock;


     

       
15

       

       
-

       
 use tracing::info;


     

       
16

       

       
-

       
 


     

       
17

       

       
-

       
 async fn index<Backend>(data: web::Data<AppState<Backend>>) -> actix_web::Result<impl Responder> {


     

       
18

       

       
-

       
-    let mut file = std::fs::read_to_string(r"./app/index.html")?;


     

       
19

       

       
-

       
+    let mut file = std::fs::read_to_string(r"@frontend@/index.html")?;


     

       
20

       

       
-

       
 


     

       
21

       

       
-

       
     if data.server_url.path() != "/" {


     

       
22

       

       
-

       
         file = file.replace(


     

       
23

       

       
-

       
@@ -80,7 +80,7 @@ pub(crate) fn error_to_http_response(error: TcpError) -> HttpResponse {


     

       
24

       

       
-

       
 async fn main_js_handler<Backend>(


     

       
25

       

       
-

       
     data: web::Data<AppState<Backend>>,


     

       
26

       

       
-

       
 ) -> actix_web::Result<impl Responder> {


     

       
27

       

       
-

       
-    let mut file = std::fs::read_to_string(r"./app/static/main.js")?;


     

       
28

       

       
-

       
+    let mut file = std::fs::read_to_string(r"@frontend@/static/main.js")?;


     

       
29

       

       
-

       
 


     

       
30

       

       
-

       
     if data.server_url.path() != "/" {


     

       
31

       

       
-

       
         file = file.replace("/pkg/", format!("{}/pkg/", data.server_url.path()).as_str());


     

       
32

       

       
-

       
@@ -92,12 +92,12 @@ async fn main_js_handler<Backend>(


     

       
33

       

       
-

       
 }


     

       
34

       

       
-

       
 


     

       
35

       

       
-

       
 async fn wasm_handler() -> actix_web::Result<impl Responder> {


     

       
36

       

       
-

       
-    Ok(actix_files::NamedFile::open_async("./app/pkg/lldap_app_bg.wasm").await?)


     

       
37

       

       
-

       
+    Ok(actix_files::NamedFile::open_async("@frontend@/pkg/lldap_app_bg.wasm").await?)


     

       
38

       

       
-

       
 }


     

       
39

       

       
-

       
 


     

       
40

       

       
-

       
 async fn wasm_handler_compressed() -> actix_web::Result<impl Responder> {


     

       
41

       

       
-

       
     Ok(


     

       
42

       

       
-

       
-        actix_files::NamedFile::open_async("./app/pkg/lldap_app_bg.wasm.gz")


     

       
43

       

       
-

       
+        actix_files::NamedFile::open_async("@frontend@/pkg/lldap_app_bg.wasm.gz")


     

       
44

       

       
-

       
             .await?


     

       
45

       

       
-

       
             .customize()


     

       
46

       

       
-

       
             .insert_header(header::ContentEncoding::Gzip)


     

       
47

       

       
-

       
@@ -143,11 +143,11 @@ fn http_config<Backend>(


     

       
48

       

       
-

       
     .service(web::resource("/pkg/lldap_app_bg.wasm").route(web::route().to(wasm_handler)))


     

       
49

       

       
-

       
     .service(web::resource("/static/main.js").route(web::route().to(main_js_handler::<Backend>)))


     

       
50

       

       
-

       
     // Serve the /pkg path with the compiled WASM app.


     

       
51

       

       
-

       
-    .service(Files::new("/pkg", "./app/pkg"))


     

       
52

       

       
-

       
+    .service(Files::new("/pkg", "@frontend@/pkg"))


     

       
53

       

       
-

       
     // Serve static files


     

       
54

       

       
-

       
-    .service(Files::new("/static", "./app/static"))


     

       
55

       

       
-

       
+    .service(Files::new("/static", "@frontend@/static"))


     

       
56

       

       
-

       
     // Serve static fonts


     

       
57

       

       
-

       
-    .service(Files::new("/static/fonts", "./app/static/fonts"))


     

       
58

       

       
-

       
+    .service(Files::new("/static/fonts", "@frontend@/static/fonts"))


     

       
59

       

       
-

       
     // Default to serve index.html for unknown routes, to support routing.


     

       
60

       

       
-

       
     .default_service(web::route().guard(guard::Get()).to(index::<Backend>));


     

       
61

       

       
-

       
 }


     

       
62

       

       
-

       
-- 


     

       
63

       

       
-

       
2.45.2


     

       
64

       

       
-
+16 -14
pkgs/by-name/ll/lldap/package.nix 
···

       
3

       
3

       
 

       
  fetchFromGitHub,


     

       
4

       
4

       
 

       
  lib,


     

       
5

       
5

       
 

       
  lldap,


     

       

       
6

       
+

       
  makeWrapper,


     

       
6

       
7

       
 

       
  nixosTests,


     

       
7

       
8

       
 

       
  rustPlatform,


     

       
8

       
9

       
 

       
  rustc,


     

       
9

       

       
-

       
  wasm-bindgen-cli_0_2_95,


     

       

       
10

       
+

       
  wasm-bindgen-cli_0_2_100,


     

       
10

       
11

       
 

       
  wasm-pack,


     

       
11

       
12

       
 

       
  which,


     

       
12

       
13

       
 

       
}:


     

       
13

       
14

       
 

       



     

       
14

       
15

       
 

       
let


     

       

       
16

       
+

       
  version = "0.6.2";


     

       
15

       
17

       
 

       



     

       
16

       

       
-

       
  commonDerivationAttrs = rec {


     

       

       
18

       
+

       
  commonDerivationAttrs = {


     

       
17

       
19

       
 

       
    pname = "lldap";


     

       
18

       

       
-

       
    version = "0.6.1";


     

       

       
20

       
+

       
    inherit version;


     

       
19

       
21

       
 

       



     

       
20

       
22

       
 

       
    src = fetchFromGitHub {


     

       
21

       
23

       
 

       
      owner = "lldap";


     

       
22

       
24

       
 

       
      repo = "lldap";


     

       
23

       
25

       
 

       
      rev = "v${version}";


     

       
24

       

       
-

       
      hash = "sha256-iQ+Vv9kx/pWHoa/WZChBK+FD2r1avzWWz57bnnzRjUg=";


     

       

       
26

       
+

       
      hash = "sha256-UBQWOrHika8X24tYdFfY8ETPh9zvI7/HV5j4aK8Uq+Y=";


     

       
25

       
27

       
 

       
    };


     

       
26

       
28

       
 

       



     

       
27

       

       
-

       
    cargoHash = "sha256-qXYgr9uRswuo9hwVROUX9KUKpkzR0VEcXImbdyOgxsY=";


     

       
28

       

       
-

       



     

       

       
29

       
+

       
    cargoHash = "sha256-SO7+HiiXNB/KF3fjzSMeiTPjRQq/unEfsnplx4kZv9c=";


     

       
29

       
30

       
 

       
  };


     

       
30

       
31

       
 

       



     

       
31

       
32

       
 

       
  frontend = rustPlatform.buildRustPackage (


     
···

       
35

       
36

       
 

       



     

       
36

       
37

       
 

       
      nativeBuildInputs = [


     

       
37

       
38

       
 

       
        wasm-pack


     

       
38

       

       
-

       
        wasm-bindgen-cli_0_2_95


     

       

       
39

       
+

       
        wasm-bindgen-cli_0_2_100


     

       
39

       
40

       
 

       
        binaryen


     

       
40

       
41

       
 

       
        which


     

       
41

       
42

       
 

       
        rustc


     
···

       
68

       
69

       
 

       
      "lldap_set_password"


     

       
69

       
70

       
 

       
    ];


     

       
70

       
71

       
 

       



     

       
71

       

       
-

       
    patches = [


     

       
72

       

       
-

       
      ./0001-parameterize-frontend-location.patch


     

       
73

       

       
-

       
    ];


     

       
74

       

       
-

       



     

       
75

       

       
-

       
    postPatch = ''


     

       
76

       

       
-

       
      substituteInPlace server/src/infra/tcp_server.rs --subst-var-by frontend '${frontend}'


     

       

       
72

       
+

       
    nativeBuildInputs = [ makeWrapper ];


     

       

       
73

       
+

       
    postInstall = ''


     

       

       
74

       
+

       
      wrapProgram $out/bin/lldap \


     

       

       
75

       
+

       
        --set LLDAP_ASSETS_PATH ${frontend}


     

       
77

       
76

       
 

       
    '';


     

       
78

       
77

       
 

       



     

       
79

       
78

       
 

       
    passthru = {


     
···

       
89

       
88

       
 

       
      changelog = "https://github.com/lldap/lldap/blob/v${lldap.version}/CHANGELOG.md";


     

       
90

       
89

       
 

       
      license = licenses.gpl3Only;


     

       
91

       
90

       
 

       
      platforms = platforms.linux;


     

       
92

       

       
-

       
      maintainers = with maintainers; [ bendlas ];


     

       

       
91

       
+

       
      maintainers = with maintainers; [


     

       

       
92

       
+

       
        bendlas


     

       

       
93

       
+

       
        ibizaman


     

       

       
94

       
+

       
      ];


     

       
93

       
95

       
 

       
      mainProgram = "lldap";


     

       
94

       
96

       
 

       
    };


     

       
95

       
97

       
 

       
  }