public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

openldap: add -h urlList in service so LDAP TLS could be enabled

Browse Source
This commit is contained in:
Kranium Gikos Mendoza 2016-05-21 19:49:14 +08:00
parent fbde3a7452
commit f79930849a
1 changed files with 9 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
nixos/modules/services/databases/openldap.nix
View File

@ -40,6 +40,13 @@ in
description = "Group account under which slapd runs."; description = "Group account under which slapd runs.";
}; };
urlList = mkOption {
type = types.listOf types.string;
default = [ "ldap:///" ];
description = "URL list slapd should listen on.";
example = [ "ldaps:///" ];
};
dataDir = mkOption { dataDir = mkOption {
type = types.string; type = types.string;
default = "/var/db/openldap"; default = "/var/db/openldap";
@ -50,7 +57,7 @@ in
type = types.lines; type = types.lines;
default = ""; default = "";
description = " description = "
sldapd.conf configuration slapd.conf configuration
"; ";
example = '' example = ''
include ''${pkgs.openldap}/etc/openldap/schema/core.schema include ''${pkgs.openldap}/etc/openldap/schema/core.schema
@ -87,7 +94,7 @@ in
mkdir -p ${cfg.dataDir} mkdir -p ${cfg.dataDir}
chown -R ${cfg.user}:${cfg.group} ${cfg.dataDir} chown -R ${cfg.user}:${cfg.group} ${cfg.dataDir}
''; '';
serviceConfig.ExecStart = "${openldap.out}/libexec/slapd -u ${cfg.user} -g ${cfg.group} -d 0 -f ${configFile}"; serviceConfig.ExecStart = "${openldap.out}/libexec/slapd -u ${cfg.user} -g ${cfg.group} -d 0 -h \"${concatStringsSep " " cfg.urlList}\" -f ${configFile}";
}; };
users.extraUsers.openldap = users.extraUsers.openldap =