first commit

2025-11-13 16:01:47 +01:00 · 2025-11-13 16:01:47 +01:00 · e46461326d
commit e46461326d
10 changed files with 632 additions and 0 deletions
--- a/lldap.nix
+++ b/lldap.nix
@ -0,0 +1,23 @@
+{
+  services.lldap = {
+    enable = true;
+    settings = {
+      ldap_base_dn = "dc=stuce,dc=ch";
+      # forces localhost only !
+      ldap_host = "127.0.0.1";
+      http_host = "127.0.0.1";
+      ldap_user_email = "admin@example.com";
+      ldap_user_dn = "stuce_admin";
+      ldap_key = ""; # so warning shuts up !
+      # NOTE: this is in case of oopsies !
+      force_ldap_user_pass_reset = false;
+      # TODO: jwt file + user password + key seed script to gen
+
+    };
+    environment = {
+      LLDAP_JWT_SECRET_FILE = "/var/lib/lldap/jwt_secret";
+      LLDAP_LDAP_USER_PASS_FILE = "/var/lib/lldap/user_password";
+      LLDAP_KEY_SEED = "/var/lib/lldap/key_seed";
+    };
+  };
+}