public
/
paris-container
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Make a bridge from paris -> ldap

This commit is contained in:
niten 2024-06-03 12:59:55 -07:00
parent f4ba577185
commit 75fc648e01
1 changed files with 17 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
paris-container.nix
View File

@ -161,15 +161,30 @@ in {
target-file = "/run/paris/openssh/${keypairFilename keypair}"; target-file = "/run/paris/openssh/${keypairFilename keypair}";
}) parisKeypairs)); }) parisKeypairs));
networking = {
bridges.paris-auth0.interfaces = [ "ldap0" ];
interfaces.ldap0 = {
virtual = true;
ipv4.addresses = [{
address = "172.16.128.1";
prefixLength = 24;
}];
};
};
virtualisation.oci-containers.containers.paris-ldap-proxy = { virtualisation.oci-containers.containers.paris-ldap-proxy = {
image = cfg.ldap.image; image = cfg.ldap.image;
autoStart = true; autoStart = true;
ports = [ "${toString cfg.ldap.port}:389" ]; ports = [ "172.16.128.1:${toString cfg.ldap.port}:389" ];
environmentFiles = [ hostSecrets.parisLdapEnv.target-file ]; environmentFiles = [ hostSecrets.parisLdapEnv.target-file ];
}; };
containers.paris = { containers.paris = {
macvlans = [ cfg.networking.interface ]; macvlans = [ cfg.networking.interface ];
extraVeths.paris0 = {
hostBridge = "paris-auth0";
hostAddress = "172.16.128.5";
};
bindMounts = { bindMounts = {
"/home" = { "/home" = {
hostPath = "${cfg.state-directory}/home"; hostPath = "${cfg.state-directory}/home";
@ -232,7 +247,7 @@ in {
auth_provider = "ldap"; auth_provider = "ldap";
access_provider = "ldap"; access_provider = "ldap";
ldap_uri = "ldap://localhost:${toString cfg.ldap.port}"; ldap_uri = "ldap://172.16.128.1:${toString cfg.ldap.port}";
ldap_schema = "rfc2307bis"; ldap_schema = "rfc2307bis";
ldap_search_base = cfg.ldap.base; ldap_search_base = cfg.ldap.base;