1 { pkgs, lib, config, ... }:
2 let inherit (builtins) baseNameOf readFile;
4 inherit (pkgs.lib) unlinesAttrs;
5 inherit (config.services) openldap;
6 inherit (config.users) ldap;
7 copyFile = file: pkgs.writeText (baseNameOf file) (readFile file);
11 openldap/sourcephile.nix
17 base = "ou=posix,${openldap.domainSuffix}";
19 #distinguishedName = "cn=admin,${openldap.domainSuffix}";
25 # NOTE: nslcd cannot use SASL to bind to rootpwmoddn
26 # which is the DN used by nslcd when passwd is run by root
27 # to change the userPassword of an LDAP user.
28 # SEE: https://www.reddit.com/r/linuxadmin/comments/53sxpl/how_do_i_configure_nslcd_to_use_a_sasl_external/d7w9awd/
29 # Thus, use: ldappasswd -H ldapi:// -Y EXTERNAL uid=$SomeUID,ou=accounts,ou=posix,dc=sourcephile,dc=fr
35 dataDir = "/var/db/ldap";
36 configDir = "/var/db/slapd";
37 urlList = [ "ldapi:///" ]; # UNIX socket