diff options
| author | Kai Wohlfahrt <kai.scorpio@gmail.com> | 2017-11-19 15:13:48 +0000 |
|---|---|---|
| committer | Kai Wohlfahrt <kai@prodo.ai> | 2018-12-11 13:33:10 +0000 |
| commit | f5b4918de42917469d359d3f2e019a7d174e9c1e (patch) | |
| tree | cf74abc12ee28417a2ee28ee1920849f63c661f1 /nixos/modules/services/system/kerberos | |
| parent | 4e4a599e7e20cf04b6dd8dbb10173cea742085c5 (diff) | |
| download | nixpkgs-f5b4918de42917469d359d3f2e019a7d174e9c1e.tar nixpkgs-f5b4918de42917469d359d3f2e019a7d174e9c1e.tar.gz nixpkgs-f5b4918de42917469d359d3f2e019a7d174e9c1e.tar.bz2 nixpkgs-f5b4918de42917469d359d3f2e019a7d174e9c1e.tar.lz nixpkgs-f5b4918de42917469d359d3f2e019a7d174e9c1e.tar.xz nixpkgs-f5b4918de42917469d359d3f2e019a7d174e9c1e.tar.zst nixpkgs-f5b4918de42917469d359d3f2e019a7d174e9c1e.zip | |
kerberos_server: ensure only one realm configured
Leave options for multiple realms for similarity to krb5, and future expansion. Currently not tested because I can't make it work and don't need it.
Diffstat (limited to 'nixos/modules/services/system/kerberos')
| -rw-r--r-- | nixos/modules/services/system/kerberos/default.nix | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/nixos/modules/services/system/kerberos/default.nix b/nixos/modules/services/system/kerberos/default.nix index 90be7e8d551..26ac85de402 100644 --- a/nixos/modules/services/system/kerberos/default.nix +++ b/nixos/modules/services/system/kerberos/default.nix @@ -1,7 +1,7 @@ {pkgs, config, lib, ...}: let - inherit (lib) mkOption mkIf types; + inherit (lib) mkOption mkIf types length attrNames; cfg = config.services.kerberos_server; kerberos = config.krb5.kerberos; @@ -72,5 +72,9 @@ in config = mkIf cfg.enable { environment.systemPackages = [ kerberos ]; + assertions = [{ + assertion = length (attrNames cfg.realms) <= 1; + message = "Only one realm per server is currently supported."; + }]; }; } |