nixos/ldap: move nss database configuration into ldap module

now that passwdArray and shadowArray aren't used anymore, these can be folded.
2020-05-06 00:09:59 +02:00 · 2020-05-06 00:09:59 +02:00 · 4f9c8ef791
commit 4f9c8ef791
parent 36b6e26d40
2 changed files with 7 additions and 14 deletions
--- a/nixos/modules/config/ldap.nix
+++ b/nixos/modules/config/ldap.nix
@ -244,6 +244,10 @@ in
      if cfg.daemon.enable then nss_pam_ldapd else nss_ldap
    );
    system.nssDatabases.group = optional cfg.nsswitch "ldap";
    system.nssDatabases.passwd = optional cfg.nsswitch "ldap";
    system.nssDatabases.shadow = optional cfg.nsswitch "ldap";
    users = mkIf cfg.daemon.enable {
      groups.nslcd = {
        gid = config.ids.gids.nslcd;
--- a/nixos/modules/config/nsswitch.nix
+++ b/nixos/modules/config/nsswitch.nix
@ -11,7 +11,6 @@ let
  # XXX Move these to their respective modules
  nssmdns = canLoadExternalModules && config.services.avahi.nssmdns;
  nsswins = canLoadExternalModules && config.services.samba.nsswins;
  ldap = canLoadExternalModules && (config.users.ldap.enable && config.users.ldap.nsswitch);
  hostArray = mkMerge [
    (mkBefore [ "files" ])
@ -21,16 +20,6 @@ let
    (mkIf nssmdns (mkOrder 1501 [ "mdns" ])) # 1501 to ensure it's after dns
  ];
  passwdArray = mkMerge [
    (mkBefore [ "files" ])
    (mkIf ldap [ "ldap" ])
  ];
  shadowArray = mkMerge [
    (mkBefore [ "files" ])
    (mkIf ldap [ "ldap" ])
  ];
 in {
  options = {
@ -145,9 +134,9 @@ in {
    '';
    system.nssDatabases = {
-      passwd = passwdArray;
+      passwd = mkBefore [ "files" ];
-      group = passwdArray;
+      group = mkBefore [ "files" ];
-      shadow = shadowArray;
+      shadow = mkBefore [ "files" ];
      hosts = hostArray;
      services = mkBefore [ "files" ];
    };