nix
/
lib
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Heimdal no longer stores kdc in libexec/heimdal/

This commit is contained in:
niten 2024-06-02 13:34:57 -07:00
parent 60d5d50336
commit 6d08c1a790
3 changed files with 13 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
lib/fudo/auth/kerberos/kdc.nix
View File

@ -108,7 +108,7 @@ let
else
[ "0.0.0.0" ];
bindClause = "--addresses=${concatStringsSep "," ips}";
in "${pkgs.heimdal}/libexec/heimdal/kdc --config-file=${kdcConf} --ports=88 ${bindClause}";
in "${pkgs.heimdal}/libexec/kdc --config-file=${kdcConf} --ports=88 ${bindClause}";
};
};
@ -135,7 +135,7 @@ let
AmbientCapabilities = "CAP_NET_BIND_SERVICE";
SecureBits = "keep-caps";
ExecStart = concatStringsSep " " [
"${pkgs.heimdal}/libexec/heimdal/kadmind"
"${pkgs.heimdal}/libexec/kadmind"
"--config-file=${kdcConf}"
"--keytab=${cfg.kdc.primary.keytabs.kadmind}"
"--realm=${cfg.realm}"
@ -170,7 +170,7 @@ let
AmbientCapabilities = "CAP_NET_BIND_SERVICE";
SecureBits = "keep-caps";
ExecStart = concatStringsSep " " [
"${pkgs.heimdal}/libexec/heimdal/kpasswdd"
"${pkgs.heimdal}/libexec/kpasswdd"
"--config-file=${kdcConf}"
"--keytab=${cfg.kdc.primary.keytabs.kpasswdd}"
"--realm=${cfg.realm}"
@ -203,7 +203,7 @@ let
ExecStart = pkgs.writeShellScript "kdc-hprop.sh"
(concatStringsSep " " ([
"${pkgs.heimdal}/libexec/heimdal/hprop"
"${pkgs.heimdal}/libexec/hprop"
''--master-key="${cfg.kdc.master-key-file}"''
#''--database="(echo "${staging-db}")"''
"--database=sqlite:${cfg.kdc.database}"
@ -308,7 +308,7 @@ let
else
[ "0.0.0.0" ];
bindClause = "--addresses=${concatStringsSep "," ips}";
in "${pkgs.heimdal}/libexec/heimdal/kdc --config-file=${kdcConf} --ports=88 ${bindClause}";
in "${pkgs.heimdal}/libexec/kdc --config-file=${kdcConf} --ports=88 ${bindClause}";
};
unitConfig.ConditionPathExists = [ cfg.kdc.database ];
};
@ -342,7 +342,7 @@ let
ExecStart = let
startScript = pkgs.writeShellScript "launch-heimdal-hpropd.sh"
(concatStringsSep " " [
"${pkgs.heimdal}/libexec/heimdal/hpropd"
"${pkgs.heimdal}/libexec/hpropd"
"--database=sqlite:$STATE_DIRECTORY/realm.db"
"--keytab=${cfg.kdc.secondary.keytabs.hpropd}"
]);

15
lib/informis/cl-gemini.nix
View File

@ -28,21 +28,6 @@ let
};
};
ensure-certificates = hostname: user: key: cert:
pkgs.writeShellScript "ensure-gemini-certificates.sh" ''
if [[ ! -e ${key} ]]; then
TARGET_CERT_DIR=$(${pkgs.coreutils}/bin/dirname ${cert})
TARGET_KEY_DIR=$(${pkgs.coreutils}/bin/dirname ${key})
if [[ ! -d $TARGET_CERT_DIR ]]; then mkdir -p $TARGET_CERT_DIR; fi
if [[ ! -d $TARGET_KEY_DIR ]]; then mkdir -p $TARGET_KEY_DIR; fi
${pkgs.openssl}/bin/openssl req -new -subj "/CN=.${hostname}" -addext "subjectAltName = DNS:${hostname}, DNS:.${hostname}" -x509 -newkey ec -pkeyopt ec_paramgen_curve:prime256v1 -days 3650 -nodes -out ${cert} -keyout ${key}
${pkgs.coreutils}/bin/chown -R ${user}:nogroup ${cert}
${pkgs.coreutils}/bin/chown -R ${user}:nogroup ${key}
${pkgs.coreutils}/bin/chmod 0444 ${cert}
${pkgs.coreutils}/bin/chmod 0400 ${key}
fi
'';
generate-feeds = feeds:
let
feed-strings = mapAttrsToList (feed-name: opts:

12
lib/lib/lisp.nix
View File

@ -1,8 +1,10 @@
{ pkgs, ... }:
with pkgs.lib;
rec {
gather-dependencies = pkg: unique (pkg.propagatedBuildInputs ++ (concatMap gather-dependencies pkg.propagatedBuildInputs));
lisp-source-registry = pkg: concatStringsSep ":" (map (p: "${p}//") (gather-dependencies pkg));
with pkgs.lib; rec {
gather-dependencies = pkg:
unique (pkg.propagatedBuildInputs
++ (concatMap gather-dependencies pkg.propagatedBuildInputs));
lisp-source-registry = pkg:
concatStringsSep ":" (map (p: "${p}//") (gather-dependencies pkg));
}