pyrox.dev
Merge pull request #16148 from womfoo/openldap
openldap: add -h urlList in service so LDAP TLS could be enabled
authored by
Joachim Fasting
and committed by
GitHub
c7ca9faa
ecd3617d
+9
-2
nixos/modules/services/databases/openldap.nix
+9
-2
nixos/modules/services/databases/openldap.nix
···
40
description = "Group account under which slapd runs.";
41
};
42
43
dataDir = mkOption {
44
type = types.string;
45
default = "/var/db/openldap";
···
50
type = types.lines;
51
default = "";
52
description = "
53
-
sldapd.conf configuration
54
";
55
example = literalExample ''
56
'''
···
89
mkdir -p ${cfg.dataDir}
90
chown -R ${cfg.user}:${cfg.group} ${cfg.dataDir}
91
'';
92
-
serviceConfig.ExecStart = "${openldap.out}/libexec/slapd -u ${cfg.user} -g ${cfg.group} -d 0 -f ${configFile}";
93
};
94
95
users.extraUsers.openldap =
···
40
description = "Group account under which slapd runs.";
41
};
42
43
+
urlList = mkOption {
44
+
type = types.listOf types.string;
45
+
default = [ "ldap:///" ];
46
+
description = "URL list slapd should listen on.";
47
+
example = [ "ldaps:///" ];
48
+
};
49
+
50
dataDir = mkOption {
51
type = types.string;
52
default = "/var/db/openldap";
···
57
type = types.lines;
58
default = "";
59
description = "
60
+
slapd.conf configuration
61
";
62
example = literalExample ''
63
'''
···
96
mkdir -p ${cfg.dataDir}
97
chown -R ${cfg.user}:${cfg.group} ${cfg.dataDir}
98
'';
99
+
serviceConfig.ExecStart = "${openldap.out}/libexec/slapd -u ${cfg.user} -g ${cfg.group} -d 0 -h \"${concatStringsSep " " cfg.urlList}\" -f ${configFile}";
100
};
101
102
users.extraUsers.openldap =