23 lines
684 B
Nix
23 lines
684 B
Nix
{
|
|
services.lldap = {
|
|
enable = true;
|
|
settings = {
|
|
ldap_base_dn = "dc=stuce,dc=ch";
|
|
# forces localhost only !
|
|
ldap_host = "127.0.0.1";
|
|
http_host = "127.0.0.1";
|
|
ldap_user_email = "admin@example.com";
|
|
ldap_user_dn = "stuce_admin";
|
|
ldap_key = ""; # so warning shuts up !
|
|
# NOTE: this is in case of oopsies !
|
|
force_ldap_user_pass_reset = false;
|
|
# TODO: jwt file + user password + key seed script to gen
|
|
|
|
};
|
|
environment = {
|
|
LLDAP_JWT_SECRET_FILE = "/var/lib/lldap/jwt_secret";
|
|
LLDAP_LDAP_USER_PASS_FILE = "/var/lib/lldap/user_password";
|
|
LLDAP_KEY_SEED = "/var/lib/lldap/key_seed";
|
|
};
|
|
};
|
|
}
|