ilyakooo0/nixpkgs
1
0
Fork 0
mirror of https://github.com/ilyakooo0/nixpkgs.git synced 2025-01-02 17:09:09 +03:00
Code Issues Projects Releases Wiki Activity

openldap module: allow defining contents declaratively

Browse Source
This commit is contained in:
Léo Gaspard 2018-03-03 15:33:23 +01:00
parent cca9ec2a66
commit aeef7c91f1
No known key found for this signature in database
GPG Key ID: 8A55848B6090F9CF
1 changed files with 35 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
nixos/modules/services/databases/openldap.nix
View File

@ -7,6 +7,7 @@ let
cfg = config.services.openldap; cfg = config.services.openldap;
openldap = pkgs.openldap; openldap = pkgs.openldap;
dataFile = pkgs.writeText "ldap-contents.ldif" cfg.declarativeContents;
configFile = pkgs.writeText "slapd.conf" cfg.extraConfig; configFile = pkgs.writeText "slapd.conf" cfg.extraConfig;
configOpts = if cfg.configDir == null then "-f ${configFile}" configOpts = if cfg.configDir == null then "-f ${configFile}"
else "-F ${cfg.configDir}"; else "-F ${cfg.configDir}";
@ -82,6 +83,34 @@ in
''' '''
''; '';
}; };
declarativeContents = mkOption {
type = with types; nullOr lines;
default = null;
description = ''
Declarative contents for the LDAP database, in LDIF format.
Note a few facts when using it. First, the database
<emphasis>must</emphasis> be stored in the directory defined by
<code>dataDir</code>. Second, all <code>dataDir</code> will be erased
when starting the LDAP server. Third, modifications to the database
are not prevented, they are just dropped on the next reboot of the
server. Finally, performance-wise the database and indexes are rebuilt
on each server startup, so this will slow down server startup,
especially with large databases.
'';
example = ''
dn: dc=example,dc=org
objectClass: domain
dc: example
dn: ou=users,dc=example,dc=org
objectClass = organizationalUnit
ou: users
# ...
'';
};
}; };
}; };
@ -100,7 +129,13 @@ in
preStart = '' preStart = ''
mkdir -p /var/run/slapd mkdir -p /var/run/slapd
chown -R "${cfg.user}:${cfg.group}" /var/run/slapd chown -R "${cfg.user}:${cfg.group}" /var/run/slapd
${optionalString (cfg.declarativeContents != null) ''
rm -Rf "${cfg.dataDir}"
''}
mkdir -p "${cfg.dataDir}" mkdir -p "${cfg.dataDir}"
${optionalString (cfg.declarativeContents != null) ''
${openldap.out}/bin/slapadd ${configOpts} -l ${dataFile}
''}
chown -R "${cfg.user}:${cfg.group}" "${cfg.dataDir}" chown -R "${cfg.user}:${cfg.group}" "${cfg.dataDir}"
''; '';
serviceConfig.ExecStart = serviceConfig.ExecStart =