root/flake
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

make rootpass secure and static

Browse source
This commit is contained in:
= 2025-11-09 00:11:12 +00:00
parent ec5f40fa53
commit 4e1bcd6425
1 changed files with 7 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

9
services/lldap.nix
View file

@ -1,7 +1,11 @@
{config, ...}: let {config, ...}: let
lldapPort = 8089; lldapPort = 8089;
in { in {
age.secrets."hidden_service/lldap".file = ../secrets/hidden_service/lldap; age.secrets = {
"hidden_service/lldap".file = ../secrets/hidden_service/lldap;
"lldap_root_pass".file = ../secrets/lldap_root_pass;
}
services.lldap = { services.lldap = {
enable = true; enable = true;
@ -11,7 +15,8 @@ in {
ldap_user_email = "root@distrust.network"; ldap_user_email = "root@distrust.network";
ldap_user_dn = "root"; ldap_user_dn = "root";
ldap_base_dn = "dc=distrust,dc=network"; ldap_base_dn = "dc=distrust,dc=network";
ldap_user_pass = "VERY_SECURE"; ldap_user_pass_file = config.age.secrets."lldap_root_pass".path;
force_ldap_user_pass_reset = true;
}; };
}; };