public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

nixos/openldap: add option for configuring OpenLDAP package to use

Browse Source 
In certain cases, for example when custom OpenLDAP modules are
compiled into the binary, users may want to override the package used
for OpenLDAP.

This is especially common in setups where LDAP is the primary
authentication source, as good password hashing mechanisms need to be
enabled as extra modules.
This commit is contained in:
Vincent Ambo 2020-07-01 19:11:00 +01:00
parent 85c5636938
commit c0122d335b
1 changed files with 21 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
nixos/modules/services/databases/openldap.nix
View File

@ -5,14 +5,14 @@ with lib;
let let
cfg = config.services.openldap; cfg = config.services.openldap;
openldap = pkgs.openldap; openldap = cfg.package;
dataFile = pkgs.writeText "ldap-contents.ldif" cfg.declarativeContents; dataFile = pkgs.writeText "ldap-contents.ldif" cfg.declarativeContents;
configFile = pkgs.writeText "slapd.conf" ((optionalString cfg.defaultSchemas '' configFile = pkgs.writeText "slapd.conf" ((optionalString cfg.defaultSchemas ''
include ${pkgs.openldap.out}/etc/schema/core.schema include ${openldap.out}/etc/schema/core.schema
include ${pkgs.openldap.out}/etc/schema/cosine.schema include ${openldap.out}/etc/schema/cosine.schema
include ${pkgs.openldap.out}/etc/schema/inetorgperson.schema include ${openldap.out}/etc/schema/inetorgperson.schema
include ${pkgs.openldap.out}/etc/schema/nis.schema include ${openldap.out}/etc/schema/nis.schema
'') + '' '') + ''
${cfg.extraConfig} ${cfg.extraConfig}
database ${cfg.database} database ${cfg.database}
@ -46,6 +46,18 @@ in
"; ";
}; };
package = mkOption {
type = types.package;
default = pkgs.openldap;
description = ''
OpenLDAP package to use.
This can be used to, for example, set an OpenLDAP package
with custom overrides to enable modules or other
functionality.
'';
};
user = mkOption { user = mkOption {
type = types.str; type = types.str;
default = "openldap"; default = "openldap";
@ -152,10 +164,10 @@ in
"; ";
example = literalExample '' example = literalExample ''
''' '''
include ${pkgs.openldap.out}/etc/schema/core.schema include ${openldap.out}/etc/schema/core.schema
include ${pkgs.openldap.out}/etc/schema/cosine.schema include ${openldap.out}/etc/schema/cosine.schema
include ${pkgs.openldap.out}/etc/schema/inetorgperson.schema include ${openldap.out}/etc/schema/inetorgperson.schema
include ${pkgs.openldap.out}/etc/schema/nis.schema include ${openldap.out}/etc/schema/nis.schema
database bdb database bdb
suffix dc=example,dc=org suffix dc=example,dc=org