mirror of
https://github.com/gensokyo-zone/infrastructure.git
synced 2026-02-10 04:49:19 -08:00
33 lines
712 B
Nix
33 lines
712 B
Nix
{
|
|
lib,
|
|
config,
|
|
...
|
|
}: let
|
|
inherit (lib) mkDefault;
|
|
cfg = config.services.kanidm;
|
|
in {
|
|
services.kanidm = {
|
|
enableServer = true;
|
|
enableClient = true;
|
|
server = {
|
|
unencrypted.enable = mkDefault true;
|
|
openFirewall = mkDefault true;
|
|
frontend = {
|
|
domain = mkDefault "id.${cfg.serverSettings.domain}";
|
|
address = mkDefault "0.0.0.0";
|
|
};
|
|
ldap = {
|
|
enable = mkDefault true;
|
|
address = mkDefault "0.0.0.0";
|
|
};
|
|
};
|
|
clientSettings = {
|
|
verify_ca = mkDefault true;
|
|
verify_hostnames = mkDefault true;
|
|
};
|
|
serverSettings = {
|
|
role = mkDefault "WriteReplica";
|
|
log_level = mkDefault "info";
|
|
};
|
|
};
|
|
}
|