gensokyo-zone/infrastructure
1
0
Fork 0
mirror of https://github.com/gensokyo-zone/infrastructure.git synced 2026-02-09 20:39:18 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix(network): bleh

Browse source
This commit is contained in:
Kat Inskip 2022-09-25 22:48:55 -07:00
parent e72d79dd3a
commit 1ea58b491e
Signed by: kat
GPG key ID: 465E64DECEA8CF0F
3 changed files with 5 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

2
nixos/network.nix
View file

@ -365,7 +365,7 @@
) (filterAttrs (network: settings: settings.create_cert) config.domains);
domains' = mapAttrs' (network: settings:
nameValuePair "${fixedTarget settings}-key" {
text = tf.acme.certs.${fixedTarget settings}.out.refFullchainPem;
text = tf.acme.certs.${fixedTarget settings}.out.refPrivateKeyPem;
owner = settings.owner;
group = settings.group;
mode = "0440";

2
services/keycloak.nix
View file

@ -30,7 +30,7 @@ in {
users.groups.domain-auth = {
gid = 10600;
members = [ "keycloak" ];
members = [ "keycloak" "openldap" ];
};
systemd.services.keycloak.script = lib.mkBefore ''

3
services/openldap/default.nix
View file

@ -2,8 +2,11 @@
networks.internet.tcp = [ 636 ];
users.groups.domain-auth.members = [ "openldap" ];
services.openldap = {
enable = true;
group = "domain-auth";
urlList = [ "ldap:///" "ldaps:///" ];
settings = {
attrs = {