diff options
author | Vincent Ambo <mail@tazj.in> | 2020-07-01 19:11:00 +0100 |
---|---|---|
committer | Vincent Ambo <mail@tazj.in> | 2020-07-01 20:49:04 +0100 |
commit | c0122d335b9a596a1617aee276a0e492bcd8517a (patch) | |
tree | 06152bd4d98540ea13b658b0b2f2d75291b50511 /nixos/modules/services/databases/openldap.nix | |
parent | 85c56369387195837078c3d6c47b7d2ad2c83fd1 (diff) | |
download | nixpkgs-c0122d335b9a596a1617aee276a0e492bcd8517a.tar nixpkgs-c0122d335b9a596a1617aee276a0e492bcd8517a.tar.gz nixpkgs-c0122d335b9a596a1617aee276a0e492bcd8517a.tar.bz2 nixpkgs-c0122d335b9a596a1617aee276a0e492bcd8517a.tar.lz nixpkgs-c0122d335b9a596a1617aee276a0e492bcd8517a.tar.xz nixpkgs-c0122d335b9a596a1617aee276a0e492bcd8517a.tar.zst nixpkgs-c0122d335b9a596a1617aee276a0e492bcd8517a.zip |
nixos/openldap: add option for configuring OpenLDAP package to use
In certain cases, for example when custom OpenLDAP modules are compiled into the binary, users may want to override the package used for OpenLDAP. This is especially common in setups where LDAP is the primary authentication source, as good password hashing mechanisms need to be enabled as extra modules.
Diffstat (limited to 'nixos/modules/services/databases/openldap.nix')
-rw-r--r-- | nixos/modules/services/databases/openldap.nix | 30 |
1 files changed, 21 insertions, 9 deletions
diff --git a/nixos/modules/services/databases/openldap.nix b/nixos/modules/services/databases/openldap.nix index 9b4d9a98b74..7472538b887 100644 --- a/nixos/modules/services/databases/openldap.nix +++ b/nixos/modules/services/databases/openldap.nix @@ -5,14 +5,14 @@ with lib; let cfg = config.services.openldap; - openldap = pkgs.openldap; + openldap = cfg.package; dataFile = pkgs.writeText "ldap-contents.ldif" cfg.declarativeContents; configFile = pkgs.writeText "slapd.conf" ((optionalString cfg.defaultSchemas '' - include ${pkgs.openldap.out}/etc/schema/core.schema - include ${pkgs.openldap.out}/etc/schema/cosine.schema - include ${pkgs.openldap.out}/etc/schema/inetorgperson.schema - include ${pkgs.openldap.out}/etc/schema/nis.schema + include ${openldap.out}/etc/schema/core.schema + include ${openldap.out}/etc/schema/cosine.schema + include ${openldap.out}/etc/schema/inetorgperson.schema + include ${openldap.out}/etc/schema/nis.schema '') + '' ${cfg.extraConfig} database ${cfg.database} @@ -46,6 +46,18 @@ in "; }; + package = mkOption { + type = types.package; + default = pkgs.openldap; + description = '' + OpenLDAP package to use. + + This can be used to, for example, set an OpenLDAP package + with custom overrides to enable modules or other + functionality. + ''; + }; + user = mkOption { type = types.str; default = "openldap"; @@ -152,10 +164,10 @@ in "; example = literalExample '' ''' - include ${pkgs.openldap.out}/etc/schema/core.schema - include ${pkgs.openldap.out}/etc/schema/cosine.schema - include ${pkgs.openldap.out}/etc/schema/inetorgperson.schema - include ${pkgs.openldap.out}/etc/schema/nis.schema + include ${openldap.out}/etc/schema/core.schema + include ${openldap.out}/etc/schema/cosine.schema + include ${openldap.out}/etc/schema/inetorgperson.schema + include ${openldap.out}/etc/schema/nis.schema database bdb suffix dc=example,dc=org |