nixos/openldap: Pick some PR nits

Kai Wohlfahrt 2020-08-24 00:19:35 +01:00
parent 9528faf182
commit d05061c5cd


@ -25,7 +25,7 @@ let
${if cfg.extraDatabaseConfig != null then cfg.extraDatabaseConfig else ""} ${if cfg.extraDatabaseConfig != null then cfg.extraDatabaseConfig else ""}
''); '');
configDir = lib.escapeShellArg (if cfg.configDir != null then cfg.configDir else "/etc/openldap/slapd.d"); configDir = if cfg.configDir != null then cfg.configDir else "/etc/openldap/slapd.d";
ldapValueType = let ldapValueType = let
singleLdapValueType = types.either types.str (types.submodule { singleLdapValueType = types.either types.str (types.submodule {
@ -249,7 +249,7 @@ in {
}; };
logLevel = mkOption { logLevel = mkOption {
type = types.nullOr (types.listOf types.str); type = types.nullOr (types.coercedTo types.str (lib.splitString " ") (types.listOf types.str));
default = null; default = null;
example = literalExample "[ \"acl\" \"trace\" ]"; example = literalExample "[ \"acl\" \"trace\" ]";
description = "The log level."; description = "The log level.";
@ -468,8 +468,8 @@ in {
mkdir -p /run/slapd mkdir -p /run/slapd
chown -R "${cfg.user}:${cfg.group}" /run/slapd chown -R "${cfg.user}:${cfg.group}" /run/slapd
mkdir -p ${configDir} ${lib.escapeShellArgs (lib.attrValues dataDirs)} mkdir -p ${lib.escapeShellArg configDir} ${lib.escapeShellArgs (lib.attrValues dataDirs)}
chown "${cfg.user}:${cfg.group}" ${configDir} ${lib.escapeShellArgs (lib.attrValues dataDirs)} chown "${cfg.user}:${cfg.group}" ${lib.escapeShellArg configDir} ${lib.escapeShellArgs (lib.attrValues dataDirs)}
${lib.optionalString (cfg.configDir == null) ( ${lib.optionalString (cfg.configDir == null) (
if (cfg.extraConfig != "" || cfg.extraDatabaseConfig != "") then '' if (cfg.extraConfig != "" || cfg.extraDatabaseConfig != "") then ''
@ -481,13 +481,13 @@ in {
${openldap}/bin/slapadd -F ${configDir} -bcn=config -l ${settingsFile} ${openldap}/bin/slapadd -F ${configDir} -bcn=config -l ${settingsFile}
'' ''
)} )}
chown -R "${cfg.user}:${cfg.group}" ${configDir} chown -R "${cfg.user}:${cfg.group}" ${lib.escapeShellArg configDir}
${if types.lines.check cfg.declarativeContents then (let ${if types.lines.check cfg.declarativeContents then (let
dataFile = pkgs.writeText "ldap-contents.ldif" cfg.declarativeContents; dataFile = pkgs.writeText "ldap-contents.ldif" cfg.declarativeContents;
in '' in ''
rm -rf ${lib.escapeShellArg cfg.dataDir}/* rm -rf ${lib.escapeShellArg cfg.dataDir}/*
${openldap}/bin/slapadd -F ${configDir} -l ${dataFile} ${openldap}/bin/slapadd -F ${lib.escapeShellArg configDir} -l ${dataFile}
chown -R "${cfg.user}:${cfg.group}" ${lib.escapeShellArg cfg.dataDir} chown -R "${cfg.user}:${cfg.group}" ${lib.escapeShellArg cfg.dataDir}
'') else (let '') else (let
dataFiles = lib.mapAttrs (dn: contents: pkgs.writeText "${dn}.ldif" contents) cfg.declarativeContents; dataFiles = lib.mapAttrs (dn: contents: pkgs.writeText "${dn}.ldif" contents) cfg.declarativeContents;
@ -496,28 +496,28 @@ in {
dataDir = lib.escapeShellArg (getAttr dn dataDirs); dataDir = lib.escapeShellArg (getAttr dn dataDirs);
in '' in ''
rm -rf ${dataDir}/* rm -rf ${dataDir}/*
${openldap}/bin/slapadd -F ${configDir} -b ${dn} -l ${file} ${openldap}/bin/slapadd -F ${lib.escapeShellArg configDir} -b ${dn} -l ${file}
chown -R "${cfg.user}:${cfg.group}" ${dataDir} chown -R "${cfg.user}:${cfg.group}" ${dataDir}
'') dataFiles)} '') dataFiles)}
'')} '')}
${openldap}/bin/slaptest -u -F ${configDir} ${openldap}/bin/slaptest -u -F ${lib.escapeShellArg configDir}
''; '';
serviceConfig = { serviceConfig = {
ExecStart = lib.concatStringsSep " " [ ExecStart = lib.escapeShellArgs ([
"${openldap}/libexec/slapd" "${openldap}/libexec/slapd" "-u" cfg.user "-g" cfg.group "-F" configDir
"-u '${cfg.user}'" "-h" (lib.concatStringsSep " " cfg.urlList)
"-g '${cfg.group}'" ]);
"-h '${concatStringsSep " " cfg.urlList}'"
"-F ${configDir}"
];
Type = "forking"; Type = "forking";
PIDFile = cfg.settings.attrs.olcPidFile; PIDFile = cfg.settings.attrs.olcPidFile;
}; };
}; };
users.users = lib.optionalAttrs (cfg.user == "openldap") { users.users = lib.optionalAttrs (cfg.user == "openldap") {
openldap = { group = cfg.group; }; openldap = {
group = cfg.group;
isSystemUser = true;
};
}; };
users.groups = lib.optionalAttrs (cfg.group == "openldap") { users.groups = lib.optionalAttrs (cfg.group == "openldap") {
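Review bot: The `slapadd -F ${configDir} -bcn=config -l ${settingsFile}` line in the `-481,13` hunk appears unchanged on the new side, so it still interpolates `configDir` raw. Because this commit removes `lib.escapeShellArg` from the `configDir` binding in the `let` block, that call has lost the quoting it had before the change. A `cfg.configDir` value containing spaces or shell metacharacters would be word-split or interpreted by the shell in this script, which sits next to `chown -R` and `rm -rf` calls and so presumably runs with elevated privileges. Change it to `${openldap}/bin/slapadd -F ${lib.escapeShellArg configDir} -bcn=config -l ${settingsFile}` to match the other call sites updated here. The script string starts and ends outside the visible hunks, so any `${configDir}` uses between hunks need the same check.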