public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

nixos/sss: Move nsswitch config into the module

Browse Source
This commit is contained in:
Janne Heß 2020-04-28 17:02:46 +02:00
parent bc2a4b341a
commit edddc7c82a
No known key found for this signature in database
GPG Key ID: 69165158F05265DF
2 changed files with 6 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
nixos/modules/config/nsswitch.nix
View File

@ -14,7 +14,6 @@ let
nssmdns = canLoadExternalModules && config.services.avahi.nssmdns; nssmdns = canLoadExternalModules && config.services.avahi.nssmdns;
nsswins = canLoadExternalModules && config.services.samba.nsswins; nsswins = canLoadExternalModules && config.services.samba.nsswins;
ldap = canLoadExternalModules && (config.users.ldap.enable && config.users.ldap.nsswitch); ldap = canLoadExternalModules && (config.users.ldap.enable && config.users.ldap.nsswitch);
sssd = canLoadExternalModules && config.services.sssd.enable;
resolved = canLoadExternalModules && config.services.resolved.enable; resolved = canLoadExternalModules && config.services.resolved.enable;
googleOsLogin = canLoadExternalModules && config.security.googleOsLogin.enable; googleOsLogin = canLoadExternalModules && config.security.googleOsLogin.enable;
@ -31,7 +30,6 @@ let
passwdArray = mkMerge [ passwdArray = mkMerge [
(mkBefore [ "files" ]) (mkBefore [ "files" ])
(mkIf sssd [ "sss" ])
(mkIf ldap [ "ldap" ]) (mkIf ldap [ "ldap" ])
(mkIf mymachines [ "mymachines" ]) (mkIf mymachines [ "mymachines" ])
(mkIf googleOsLogin [ "cache_oslogin oslogin" ]) (mkIf googleOsLogin [ "cache_oslogin oslogin" ])
@ -40,15 +38,9 @@ let
shadowArray = mkMerge [ shadowArray = mkMerge [
(mkBefore [ "files" ]) (mkBefore [ "files" ])
(mkIf sssd [ "sss" ])
(mkIf ldap [ "ldap" ]) (mkIf ldap [ "ldap" ])
]; ];
servicesArray = mkMerge [
(mkBefore [ "files" ])
(mkIf sssd [ "sss" ])
];
in { in {
options = { options = {
@ -172,7 +164,7 @@ in {
group = passwdArray; group = passwdArray;
shadow = shadowArray; shadow = shadowArray;
hosts = hostArray; hosts = hostArray;
services = servicesArray; services = mkBefore [ "files" ];
}; };
# Systemd provides nss-myhostname to ensure that our hostname # Systemd provides nss-myhostname to ensure that our hostname

5
nixos/modules/services/misc/sssd.nix
View File

@ -75,6 +75,11 @@ in {
}; };
system.nssModules = optional cfg.enable pkgs.sssd; system.nssModules = optional cfg.enable pkgs.sssd;
system.nssDatabases = {
passwd = [ "sss" ];
shadow = [ "sss" ];
services = [ "sss" ];
};
services.dbus.packages = [ pkgs.sssd ]; services.dbus.packages = [ pkgs.sssd ];
}) })