pyrox.dev / nixpkgs
lol
fork atom

Merge pull request #16148 from womfoo/openldap

openldap: add -h urlList in service so LDAP TLS could be enabled

Joachim Fasting c7ca9faa ecd3617d

options
unified split
Changed files
+9 -2
nixos
modules
services
databases
openldap.nix
+9 -2
nixos/modules/services/databases/openldap.nix 
···

       
40

       
 

       
        description = "Group account under which slapd runs.";


     

       
41

       
 

       
      };


     

       
42

       
 

       



     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
43

       
 

       
      dataDir = mkOption {


     

       
44

       
 

       
        type = types.string;


     

       
45

       
 

       
        default = "/var/db/openldap";


     
···

       
50

       
 

       
        type = types.lines;


     

       
51

       
 

       
        default = "";


     

       
52

       
 

       
        description = "


     

       
53

       
-

       
          sldapd.conf configuration


     

       
54

       
 

       
        ";


     

       
55

       
 

       
        example = literalExample ''


     

       
56

       
 

       
            '''


     
···

       
89

       
 

       
        mkdir -p ${cfg.dataDir}


     

       
90

       
 

       
        chown -R ${cfg.user}:${cfg.group} ${cfg.dataDir}


     

       
91

       
 

       
      '';


     

       
92

       
-

       
      serviceConfig.ExecStart = "${openldap.out}/libexec/slapd -u ${cfg.user} -g ${cfg.group} -d 0 -f ${configFile}";


     

       
93

       
 

       
    };


     

       
94

       
 

       



     

       
95

       
 

       
    users.extraUsers.openldap =


     
···

       
40

       
 

       
        description = "Group account under which slapd runs.";


     

       
41

       
 

       
      };


     

       
42

       
 

       



     

       
43

       
+

       
      urlList = mkOption {


     

       
44

       
+

       
        type = types.listOf types.string;


     

       
45

       
+

       
        default = [ "ldap:///" ];


     

       
46

       
+

       
        description = "URL list slapd should listen on.";


     

       
47

       
+

       
        example = [ "ldaps:///" ];


     

       
48

       
+

       
      };


     

       
49

       
+

       



     

       
50

       
 

       
      dataDir = mkOption {


     

       
51

       
 

       
        type = types.string;


     

       
52

       
 

       
        default = "/var/db/openldap";


     
···

       
57

       
 

       
        type = types.lines;


     

       
58

       
 

       
        default = "";


     

       
59

       
 

       
        description = "


     

       
60

       
+

       
          slapd.conf configuration


     

       
61

       
 

       
        ";


     

       
62

       
 

       
        example = literalExample ''


     

       
63

       
 

       
            '''


     
···

       
96

       
 

       
        mkdir -p ${cfg.dataDir}


     

       
97

       
 

       
        chown -R ${cfg.user}:${cfg.group} ${cfg.dataDir}


     

       
98

       
 

       
      '';


     

       
99

       
+

       
      serviceConfig.ExecStart = "${openldap.out}/libexec/slapd -u ${cfg.user} -g ${cfg.group} -d 0 -h \"${concatStringsSep " " cfg.urlList}\" -f ${configFile}";


     

       
100

       
 

       
    };


     

       
101

       
 

       



     

       
102

       
 

       
    users.extraUsers.openldap =