public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
nixpkgs/nixos/modules/services/databases/openldap.nix
Domen Kožar 9df1bdefef Merge pull request #5982 from robberer/pkgs/openldap 
openldap: add dataDir, use cfg.user and cfg.group to run slapd
2015-01-26 10:33:57 +01:00

108 lines
2.5 KiB
Nix
Raw Blame History

{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.openldap;
openldap = pkgs.openldap;
configFile = pkgs.writeText "slapd.conf" cfg.extraConfig;
in
{
###### interface
options = {
services.openldap = {
enable = mkOption {
type = types.bool;
default = false;
description = "
Whether to enable the ldap server.
";
example = literalExample ''
openldap.enable = true;
openldap.extraConfig = '''
include ''${pkgs.openldap}/etc/openldap/schema/core.schema
include ''${pkgs.openldap}/etc/openldap/schema/cosine.schema
include ''${pkgs.openldap}/etc/openldap/schema/inetorgperson.schema
include ''${pkgs.openldap}/etc/openldap/schema/nis.schema
database bdb
suffix dc=example,dc=org
rootdn cn=admin,dc=example,dc=org
# NOTE: change after first start
rootpw secret
directory /var/db/openldap
''';
'';
};
user = mkOption {
type = types.string;
default = "openldap";
description = "User account under which slapd runs.";
};
group = mkOption {
type = types.string;
default = "openldap";
description = "Group account under which slapd runs.";
};
dataDir = mkOption {
type = types.string;
default = "/var/db/openldap";
description = "The database directory.";
};
extraConfig = mkOption {
type = types.lines;
default = "";
description = "
sldapd.conf configuration
";
};
};
};
###### implementation
config = mkIf config.services.openldap.enable {
environment.systemPackages = [ openldap ];
systemd.services.openldap = {
description = "LDAP server";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
preStart = ''
mkdir -p /var/run/slapd
chown -R ${cfg.user}:${cfg.group} /var/run/slapd
mkdir -p ${cfg.dataDir}
chown -R ${cfg.user}:${cfg.group} ${cfg.dataDir}
'';
serviceConfig.ExecStart = "${openldap}/libexec/slapd -u ${cfg.user} -g ${cfg.group} -d 0 -f ${configFile}";
};
users.extraUsers.openldap =
{ name = cfg.user;
group = cfg.group;
uid = config.ids.uids.openldap;
};
users.extraGroups.openldap =
{ name = cfg.group;
gid = config.ids.gids.openldap;
};
};
}
Reference in New Issue View Git Blame Copy Permalink