Make a bridge from paris -> ldap

2024-06-03 12:59:55 -07:00 · 2024-06-03 12:59:55 -07:00 · 75fc648e01
parent f4ba577185
commit 75fc648e01
1 changed files with 17 additions and 2 deletions
--- a/paris-container.nix
+++ b/paris-container.nix
@ -161,15 +161,30 @@ in {
        target-file = "/run/paris/openssh/${keypairFilename keypair}";
      }) parisKeypairs));

+    networking = {
+      bridges.paris-auth0.interfaces = [ "ldap0" ];
+      interfaces.ldap0 = {
+        virtual = true;
+        ipv4.addresses = [{
+          address = "172.16.128.1";
+          prefixLength = 24;
+        }];
+      };
+    };
+
    virtualisation.oci-containers.containers.paris-ldap-proxy = {
      image = cfg.ldap.image;
      autoStart = true;
-      ports = [ "${toString cfg.ldap.port}:389" ];
+      ports = [ "172.16.128.1:${toString cfg.ldap.port}:389" ];
      environmentFiles = [ hostSecrets.parisLdapEnv.target-file ];
    };

    containers.paris = {
      macvlans = [ cfg.networking.interface ];
+      extraVeths.paris0 = {
+        hostBridge = "paris-auth0";
+        hostAddress = "172.16.128.5";
+      };
      bindMounts = {
        "/home" = {
          hostPath = "${cfg.state-directory}/home";
@ -232,7 +247,7 @@ in {
                auth_provider = "ldap";
                access_provider = "ldap";

-                ldap_uri = "ldap://localhost:${toString cfg.ldap.port}";
+                ldap_uri = "ldap://172.16.128.1:${toString cfg.ldap.port}";
                ldap_schema = "rfc2307bis";

                ldap_search_base = cfg.ldap.base;