61 lines
1.4 KiB
Nix
61 lines
1.4 KiB
Nix
{ pkgs, ... }:
|
|
|
|
with pkgs.lib;
|
|
let
|
|
hash-ldap-passwd-pkg = name: passwd-file: pkgs.stdenv.mkDerivation {
|
|
name = "${name}-ldap-passwd";
|
|
|
|
phases = [ "buildPhase" "installPhase" ];
|
|
|
|
buildInputs = with pkgs; [ openldap ];
|
|
|
|
buildPhase = ''
|
|
slappasswd -T ${passwd-file} > ldap-passwd
|
|
'';
|
|
|
|
installPhase = ''
|
|
mkdir -p $out
|
|
mv ldap-passwd $out
|
|
'';
|
|
};
|
|
|
|
hash-ldap-passwd = name: passwd-file: let
|
|
passwd-pkgs = hash-ldap-passwd-pkg name passwd-file;
|
|
in builtins.readFile "${passwd-pkgs}/ldap-passwd";
|
|
|
|
generate-random-passwd = name: length: pkgs.stdenv.mkDerivation {
|
|
name = "${name}-random-passwd";
|
|
|
|
phases = [ "installPhase" ];
|
|
|
|
buildInputs = with pkgs; [ pwgen ];
|
|
|
|
installPhase = ''
|
|
pwgen --secure --num-passwords=1 ${length} > $out
|
|
'';
|
|
};
|
|
|
|
generate-stablerandom-passwd = name: { seed, length ? 20, ... }:
|
|
pkgs.stdenv.mkDerivation {
|
|
name = "${name}-stablerandom-passwd";
|
|
|
|
phases = [ "installPhase" ];
|
|
|
|
buildInputs = with pkgs; [ pwgen ];
|
|
|
|
installPhase = ''
|
|
echo "${name}-${seed}" > seedfile
|
|
pwgen --secure --num-passwords=1 -H seedfile ${toString length} > $out
|
|
'';
|
|
};
|
|
|
|
in {
|
|
hash-ldap-passwd = hash-ldap-passwd;
|
|
|
|
random-passwd-file = name: length:
|
|
builtins.toPath "${generate-random-passwd name length}";
|
|
|
|
stablerandom-passwd-file = name: seed:
|
|
builtins.toPath "${generate-stablerandom-passwd name { seed = seed; }}";
|
|
}
|