diff options
author | Kranium Gikos Mendoza <kranium@gikos.net> | 2016-05-21 19:49:14 +0800 |
---|---|---|
committer | Kranium Gikos Mendoza <kranium@gikos.net> | 2016-06-14 23:47:02 +0800 |
commit | f79930849a2cfda9af2a1b949544e3ebb19b48e4 (patch) | |
tree | 8f3eb45c336b9db2d78ecbcaf49eaf72351dc3b9 /nixos/modules/services | |
parent | fbde3a745259edf20dc8e275eee954875a2d50ab (diff) | |
download | nixlib-f79930849a2cfda9af2a1b949544e3ebb19b48e4.tar nixlib-f79930849a2cfda9af2a1b949544e3ebb19b48e4.tar.gz nixlib-f79930849a2cfda9af2a1b949544e3ebb19b48e4.tar.bz2 nixlib-f79930849a2cfda9af2a1b949544e3ebb19b48e4.tar.lz nixlib-f79930849a2cfda9af2a1b949544e3ebb19b48e4.tar.xz nixlib-f79930849a2cfda9af2a1b949544e3ebb19b48e4.tar.zst nixlib-f79930849a2cfda9af2a1b949544e3ebb19b48e4.zip |
openldap: add -h urlList in service so LDAP TLS could be enabled
Diffstat (limited to 'nixos/modules/services')
-rw-r--r-- | nixos/modules/services/databases/openldap.nix | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/nixos/modules/services/databases/openldap.nix b/nixos/modules/services/databases/openldap.nix index 9e86559dda04..4d205d07ec61 100644 --- a/nixos/modules/services/databases/openldap.nix +++ b/nixos/modules/services/databases/openldap.nix @@ -40,6 +40,13 @@ in description = "Group account under which slapd runs."; }; + urlList = mkOption { + type = types.listOf types.string; + default = [ "ldap:///" ]; + description = "URL list slapd should listen on."; + example = [ "ldaps:///" ]; + }; + dataDir = mkOption { type = types.string; default = "/var/db/openldap"; @@ -50,7 +57,7 @@ in type = types.lines; default = ""; description = " - sldapd.conf configuration + slapd.conf configuration "; example = '' include ''${pkgs.openldap}/etc/openldap/schema/core.schema @@ -87,7 +94,7 @@ in mkdir -p ${cfg.dataDir} chown -R ${cfg.user}:${cfg.group} ${cfg.dataDir} ''; - serviceConfig.ExecStart = "${openldap.out}/libexec/slapd -u ${cfg.user} -g ${cfg.group} -d 0 -f ${configFile}"; + serviceConfig.ExecStart = "${openldap.out}/libexec/slapd -u ${cfg.user} -g ${cfg.group} -d 0 -h \"${concatStringsSep " " cfg.urlList}\" -f ${configFile}"; }; users.extraUsers.openldap = |