let
inherit (builtins) baseNameOf readFile;
inherit (lib) types;
- inherit (pkgs.lib) unlinesAttrs;
inherit (config.services) openldap;
inherit (config.users) ldap;
+ unlines = lib.concatStringsSep "\n";
+ unlinesAttrs = f: as: unlines (lib.mapAttrsToList f as);
in
{
options = {
dn: cn={0}module,cn=config
objectClass: olcModuleList
olcModulePath: ${pkgs.openldap}/lib/modules
- olcModuleLoad: pw-sha2
- olcModuleLoad: pw-pbkdf2
+ #olcModuleLoad: pw-sha2
+ #olcModuleLoad: pw-pbkdf2
olcModuleLoad: back_mdb
dn: olcDatabase={-1}frontend,cn=config
olcAccess: to dn.base="cn=Subschema"
by * read
# Hash algorithm to be used by LDAP Password Modify Extended Operation or the ppolicy overlay
- olcPasswordHash: {PBKDF2-SHA256}
+ #olcPasswordHash: {PBKDF2-SHA256}
+ olcPasswordHash: {SSHA}
dn: olcDatabase={0}config,cn=config
objectClass: olcDatabaseConfig
unlinesAttrs (olcSuffix: {data, olcDbDirectory, ...}: lib.optionalString (data != null) ''
${pkgs.openldap}/bin/slapadd \
-F "${openldap.configDir}" \
+ -b ${olcSuffix} \
-l ${pkgs.writeText "data.ldif" data}
'' + ''
test ! -e "${olcDbDirectory}" ||
sourcephile / git / sourcephile-nix.git / blobdiff