diff options
author | Florian Klink <flokli@flokli.de> | 2020-05-06 00:09:59 +0200 |
---|---|---|
committer | Florian Klink <flokli@flokli.de> | 2020-05-11 16:14:50 +0200 |
commit | 4f9c8ef7911d5fdf125b6959244f18270e8e0a19 (patch) | |
tree | 3f50789c5617f9372347f7849837e3a84df6fbf1 /nixos/modules | |
parent | 36b6e26d40ae8219302c52cac7f5ac5db9b73532 (diff) | |
download | nixlib-4f9c8ef7911d5fdf125b6959244f18270e8e0a19.tar nixlib-4f9c8ef7911d5fdf125b6959244f18270e8e0a19.tar.gz nixlib-4f9c8ef7911d5fdf125b6959244f18270e8e0a19.tar.bz2 nixlib-4f9c8ef7911d5fdf125b6959244f18270e8e0a19.tar.lz nixlib-4f9c8ef7911d5fdf125b6959244f18270e8e0a19.tar.xz nixlib-4f9c8ef7911d5fdf125b6959244f18270e8e0a19.tar.zst nixlib-4f9c8ef7911d5fdf125b6959244f18270e8e0a19.zip |
nixos/ldap: move nss database configuration into ldap module
now that passwdArray and shadowArray aren't used anymore, these can be folded.
Diffstat (limited to 'nixos/modules')
-rw-r--r-- | nixos/modules/config/ldap.nix | 4 | ||||
-rw-r--r-- | nixos/modules/config/nsswitch.nix | 17 |
2 files changed, 7 insertions, 14 deletions
diff --git a/nixos/modules/config/ldap.nix b/nixos/modules/config/ldap.nix index 4c8b527676b2..1a5dbcd4e26b 100644 --- a/nixos/modules/config/ldap.nix +++ b/nixos/modules/config/ldap.nix @@ -244,6 +244,10 @@ in if cfg.daemon.enable then nss_pam_ldapd else nss_ldap ); + system.nssDatabases.group = optional cfg.nsswitch "ldap"; + system.nssDatabases.passwd = optional cfg.nsswitch "ldap"; + system.nssDatabases.shadow = optional cfg.nsswitch "ldap"; + users = mkIf cfg.daemon.enable { groups.nslcd = { gid = config.ids.gids.nslcd; diff --git a/nixos/modules/config/nsswitch.nix b/nixos/modules/config/nsswitch.nix index 22ddb3490c8e..465c910d95b6 100644 --- a/nixos/modules/config/nsswitch.nix +++ b/nixos/modules/config/nsswitch.nix @@ -11,7 +11,6 @@ let # XXX Move these to their respective modules nssmdns = canLoadExternalModules && config.services.avahi.nssmdns; nsswins = canLoadExternalModules && config.services.samba.nsswins; - ldap = canLoadExternalModules && (config.users.ldap.enable && config.users.ldap.nsswitch); hostArray = mkMerge [ (mkBefore [ "files" ]) @@ -21,16 +20,6 @@ let (mkIf nssmdns (mkOrder 1501 [ "mdns" ])) # 1501 to ensure it's after dns ]; - passwdArray = mkMerge [ - (mkBefore [ "files" ]) - (mkIf ldap [ "ldap" ]) - ]; - - shadowArray = mkMerge [ - (mkBefore [ "files" ]) - (mkIf ldap [ "ldap" ]) - ]; - in { options = { @@ -145,9 +134,9 @@ in { ''; system.nssDatabases = { - passwd = passwdArray; - group = passwdArray; - shadow = shadowArray; + passwd = mkBefore [ "files" ]; + group = mkBefore [ "files" ]; + shadow = mkBefore [ "files" ]; hosts = hostArray; services = mkBefore [ "files" ]; }; |