mirror of
https://github.com/gensokyo-zone/infrastructure.git
synced 2026-02-09 12:29:19 -08:00
36 lines
776 B
Nix
36 lines
776 B
Nix
{
|
|
lib,
|
|
config,
|
|
...
|
|
}: let
|
|
inherit (lib) mkIf mkDefault;
|
|
cfg = config.services.kanidm;
|
|
in {
|
|
services.kanidm = {
|
|
enableServer = true;
|
|
enableClient = true;
|
|
server = {
|
|
unencrypted.enable = mkDefault true;
|
|
frontend = {
|
|
domain = mkDefault "id.${cfg.serverSettings.domain}";
|
|
address = mkDefault "0.0.0.0";
|
|
};
|
|
ldap = {
|
|
enable = mkDefault true;
|
|
address = mkDefault "0.0.0.0";
|
|
};
|
|
};
|
|
clientSettings = {
|
|
verify_ca = mkDefault true;
|
|
verify_hostnames = mkDefault true;
|
|
};
|
|
serverSettings = {
|
|
role = mkDefault "WriteReplica";
|
|
log_level = mkDefault "info";
|
|
};
|
|
};
|
|
users = mkIf cfg.enableServer {
|
|
users.kanidm.uid = 994;
|
|
groups.kanidm.gid = 993;
|
|
};
|
|
}
|