Add LDAP port (and firewall ports)

niten 2024-05-28 11:09:29 -07:00
parent f25509454c
commit da49d47bca
1 changed files with 14 additions and 2 deletions


@ -19,6 +19,12 @@ in {
description = "Directory at which to store server state."; description = "Directory at which to store server state.";
}; };
ports = mkOption {
type = listOf port;
description = "List of ports to open to the public internet.";
default = [ ];
};
ldap = { ldap = {
image = mkOption { image = mkOption {
type = str; type = str;
@ -26,6 +32,12 @@ in {
default = "ghcr.io/goauthentik/ldap:latest"; default = "ghcr.io/goauthentik/ldap:latest";
}; };
port = mkOption {
type = port;
description = "Port on which to listen for LDAP requests.";
default = 4389;
};
domain = mkOption { domain = mkOption {
type = str; type = str;
description = description =
@ -137,7 +149,7 @@ in {
virtualisation.oci-containers.paris-ldap-proxy = { virtualisation.oci-containers.paris-ldap-proxy = {
image = cfg.ldap.image; image = cfg.ldap.image;
autoStart = true; autoStart = true;
ports = [ "${cfg.ldap.port}:389" ]; ports = [ "${toString cfg.ldap.port}:389" ];
environmentFiles = [ hostSecrets.parisLdapEnv.target-file ]; environmentFiles = [ hostSecrets.parisLdapEnv.target-file ];
}; };
@ -184,7 +196,7 @@ in {
auth_provider = "ldap"; auth_provider = "ldap";
access_provider = "ldap"; access_provider = "ldap";
ldap_uri = "ldap://localhost:${cfg.ldap.port}"; ldap_uri = "ldap://localhost:${toString cfg.ldap.port}";
ldap_schema = "rfc2307bis"; ldap_schema = "rfc2307bis";
ldap_search_base = cfg.ldap.base; ldap_search_base = cfg.ldap.base;
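Review bot: The port mapping in the third hunk, `ports = [ "${toString cfg.ldap.port}:389" ];`, publishes the LDAP proxy on every host interface, while the only consumer visible here is sssd at `ldap://localhost:${toString cfg.ldap.port}`. Binding the mapping to loopback, `ports = [ "127.0.0.1:${toString cfg.ldap.port}:389" ];`, would keep the unencrypted LDAP listener off the network. With a Docker backend a published port is typically reachable regardless of the host firewall's allowed-port list, so the firewall alone should not be relied on to contain it. The new top-level `ports` option is described as the list opened to the public internet, but none of the visible hunks reads it, so it is worth confirming where it is applied and that the LDAP port never ends up in it. The enclosing attribute sets start and end outside the hunks shown.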