Merge pull request #5982 from robberer/pkgs/openldap

openldap: add dataDir, use cfg.user and cfg.group to run slapd

+19 -9
+19 -9
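--- a/nixos/modules/services/databases/openldap.nix
+++ b/nixos/modules/services/databases/openldap.nix
@@ -20,6 +20,7 @@
 services.openldap = {
 
 enable = mkOption {
+type = types.bool;
 default = false;
 description = "
 Whether to enable the ldap server.
@@ -43,16 +44,25 @@
 };
 
 user = mkOption {
+type = types.string;
 default = "openldap";
 description = "User account under which slapd runs.";
 };
 
 group = mkOption {
+type = types.string;
 default = "openldap";
 description = "Group account under which slapd runs.";
 };
 
+dataDir = mkOption {
+type = types.string;
+default = "/var/db/openldap";
+description = "The database directory.";
+};
+
 extraConfig = mkOption {
+type = types.lines;
 default = "";
 description = "
 sldapd.conf configuration
@@ -76,22 +86,22 @@
 preStart = ''
 mkdir -p /var/run/slapd
 chown -R ${cfg.user}:${cfg.group} /var/run/slapd
-mkdir -p /var/db/openldap
-chown -R ${cfg.user}:${cfg.group} /var/db/openldap
+mkdir -p ${cfg.dataDir}
+chown -R ${cfg.user}:${cfg.group} ${cfg.dataDir}
 '';
-serviceConfig.ExecStart = "${openldap}/libexec/slapd -u openldap -g openldap -d 0 -f ${configFile}";
+serviceConfig.ExecStart = "${openldap}/libexec/slapd -u ${cfg.user} -g ${cfg.group} -d 0 -f ${configFile}";
 };
 
-users.extraUsers = optionalAttrs (cfg.user == "openldap") (singleton
-{ name = "openldap";
+users.extraUsers.openldap =
+{ name = cfg.user;
 group = cfg.group;
 uid = config.ids.uids.openldap;
-});
+};
 
-users.extraGroups = optionalAttrs (cfg.group == "openldap") (singleton
-{ name = "openldap";
+users.extraGroups.openldap =
+{ name = cfg.group;
 gid = config.ids.gids.openldap;
-});
+};
 
 };
 }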
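Review bot: In the preStart hunk the new `${cfg.dataDir}` is interpolated unquoted into a script that runs `chown -R` (presumably as root, since slapd itself is handed `-u`/`-g` to drop privileges), and the option is declared as `types.string`, so a value containing spaces or a mis-set parent directory would be recursively re-owned to the service account. Declaring the option as `types.path` and quoting the expansion, `mkdir -p "${cfg.dataDir}"` and `chown -R ${cfg.user}:${cfg.group} "${cfg.dataDir}"`, narrows that. The directory is also created with whatever the default umask gives; since it holds the server's database, a `chmod 700 "${cfg.dataDir}"` after the chown would match the mode the stock slapd.conf recommends. Nothing visible here ties `dataDir` to slapd's own `directory` setting, which still seems to come from `extraConfig`, so the option description should say the two must agree. Separately, the user and group declarations in the last hunk are now unconditional, so setting `user` to the name of an existing account would declare that name with `config.ids.uids.openldap`; the removed `optionalAttrs` guard avoided that.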