gensokyo-zone/infrastructure
1
0
Fork 0
mirror of https://github.com/gensokyo-zone/infrastructure.git synced 2026-02-09 04:19:19 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat(ci): ldap shell aliases

Browse source
This commit is contained in:
arcnmx 2024-03-13 15:36:12 -07:00
parent 926290306a
commit 81b20878f1
3 changed files with 74 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

2
.envrc
View file

@ -6,7 +6,7 @@ source_env_if_exists ".envrc.${USER-$(id -un)}"
source_env_if_exists .envrc.conf source_env_if_exists .envrc.conf
use flake "${FLAKE_ARGS[@]}" use flake ".#${FLAKE_DEVSHELL-}" "${FLAKE_ARGS[@]}"
export FLAKE_OPTS=${FLAKE_OPTS:-"${FLAKE_ARGS[*]}"} export FLAKE_OPTS=${FLAKE_OPTS:-"${FLAKE_ARGS[*]}"}
watch_file outputs.nix watch_file outputs.nix

73
devShells.nix
View file

@ -3,7 +3,13 @@
system, system,
}: let }: let
inherit (inputs.self.legacyPackages.${system}) pkgs; inherit (inputs.self.legacyPackages.${system}) pkgs;
inherit (inputs.self.lib.nixlib) optionalString; inherit (inputs.self.lib.lib) mkBaseDn;
inherit (inputs.self.lib.nixlib) optionalString concatStringsSep;
ldapHostArg = concatStringsSep "," [
"ldaps://ldap.local.${inputs.self.lib.lib.domain}"
"ldaps://idp.${inputs.self.lib.lib.domain}"
];
ldapBaseDn = mkBaseDn inputs.self.lib.lib.domain;
mkWrapper = { mkWrapper = {
name, name,
attr ? name, attr ? name,
@ -20,8 +26,8 @@
else "-c ${exe}"; else "-c ${exe}";
in in
pkgs.writeShellScriptBin name '' pkgs.writeShellScriptBin name ''
${optionalString (subdir != null) ''cd "$NF_CONFIG_ROOT${subdir}"''} ${optionalString (subdir != null) ''cd "''${NF_CONFIG_ROOT-${toString ./.}}${subdir}"''}
exec nix ${subcommand} ''${FLAKE_OPTS-} "$NF_CONFIG_ROOT#${attr}" ${exeArg} "$@" exec nix ${subcommand} ''${FLAKE_OPTS-} "''${NF_CONFIG_ROOT-${toString ./.}}#${attr}" ${exeArg} "$@"
''; '';
nf-tf = pkgs.writeShellScriptBin "nf-tf" '' nf-tf = pkgs.writeShellScriptBin "nf-tf" ''
cd "$NF_CONFIG_ROOT/tf" cd "$NF_CONFIG_ROOT/tf"
@ -89,6 +95,51 @@
attr = "pkgs.freeradius"; attr = "pkgs.freeradius";
exe = name; exe = name;
}) })
(mkWrapper rec {
name = "smbclient";
attr = "pkgs.samba";
exe = name;
})
(mkWrapper rec {
name = "smbpasswd";
attr = "pkgs.samba";
exe = name;
})
(mkWrapper rec {
name = "net";
attr = "pkgs.samba";
exe = name;
})
(mkWrapper rec {
name = "ldapwhoami";
attr = "pkgs.openldap";
exe = "${name} -H ${ldapHostArg}";
})
(mkWrapper rec {
name = "ldappasswd";
attr = "pkgs.openldap";
exe = "${name} -H ${ldapHostArg}";
})
(mkWrapper rec {
name = "ldapsearch";
attr = "pkgs.openldap";
exe = "${name} -H ${ldapHostArg} -b ${ldapBaseDn} -o ldif_wrap=no";
})
(mkWrapper rec {
name = "ldapadd";
attr = "pkgs.openldap";
exe = "${name} -H ${ldapHostArg}";
})
(mkWrapper rec {
name = "ldapmodify";
attr = "pkgs.openldap";
exe = "${name} -H ${ldapHostArg}";
})
(mkWrapper rec {
name = "ldapdelete";
attr = "pkgs.openldap";
exe = "${name} -H ${ldapHostArg}";
})
]; ];
shellHook = '' shellHook = ''
export NIX_BIN_DIR=$(dirname $(readlink -f $(type -P nix))) export NIX_BIN_DIR=$(dirname $(readlink -f $(type -P nix)))
@ -98,6 +149,20 @@
export NF_CONFIG_ROOT=''${NF_CONFIG_ROOT-${toString ./.}} export NF_CONFIG_ROOT=''${NF_CONFIG_ROOT-${toString ./.}}
''; '';
}; };
arc = let
ldapdm = cmd: pkgs.writeShellScriptBin "dm-${cmd}" ''
${cmd} -D 'cn=Directory Manager' -y <(bitw get -f password ldap-directory-manager) "$@"
'';
in default.overrideAttrs (default: {
nativeBuildInputs = default.nativeBuildInputs ++ [
(ldapdm "ldapwhoami")
(ldapdm "ldappasswd")
(ldapdm "ldapsearch")
(ldapdm "ldapadd")
(ldapdm "ldapmodify")
(ldapdm "ldapdelete")
];
});
in { in {
inherit default; inherit default arc;
} }

6
lib.nix
View file

@ -7,7 +7,7 @@
inherit (nixlib.strings) splitString toLower; inherit (nixlib.strings) splitString toLower;
inherit (nixlib.lists) imap0 elemAt; inherit (nixlib.lists) imap0 elemAt;
inherit (nixlib.attrsets) listToAttrs nameValuePair; inherit (nixlib.attrsets) listToAttrs nameValuePair;
inherit (nixlib.strings) substring fixedWidthString replaceStrings; inherit (nixlib.strings) substring fixedWidthString replaceStrings concatMapStringsSep;
inherit (nixlib.trivial) flip toHexString bitOr; inherit (nixlib.trivial) flip toHexString bitOr;
toHexStringLower = v: toLower (toHexString v); toHexStringLower = v: toLower (toHexString v);
@ -33,6 +33,8 @@
userIs = group: user: builtins.elem group (user.extraGroups ++ [user.group]); userIs = group: user: builtins.elem group (user.extraGroups ++ [user.group]);
mkWinPath = replaceStrings ["/"] ["\\"]; mkWinPath = replaceStrings ["/"] ["\\"];
mkBaseDn = domain: concatMapStringsSep "," (part: "dc=${part}") (splitString "." domain);
in { in {
inherit tree nixlib inputs systems; inherit tree nixlib inputs systems;
meta = tree.impure; meta = tree.impure;
@ -40,7 +42,7 @@ in {
Std = inputs.std-fl.lib; Std = inputs.std-fl.lib;
lib = { lib = {
domain = "gensokyo.zone"; domain = "gensokyo.zone";
inherit mkWinPath userIs eui64 toHexStringLower hexCharToInt; inherit mkWinPath mkBaseDn userIs eui64 toHexStringLower hexCharToInt;
inherit (inputs.arcexprs.lib) unmerged json; inherit (inputs.arcexprs.lib) unmerged json;
}; };
generate = import ./generate.nix {inherit inputs tree;}; generate = import ./generate.nix {inherit inputs tree;};