plasmagoat/homelab
1
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

Compare commits

base: plasmagoat:2f72b0894a63ba62b58f43048fb132bfc8b22737
Branches Tags
plasmagoat:main
plasmagoat:automated-pr
...
compare: plasmagoat:5dede30f62cd099b3e70966f91a559c26bee0774
Branches Tags
plasmagoat:automated-pr
plasmagoat:main

2 commits
2f72b0894a ... 5dede30f62

Author SHA1 Message Date
Forgejo Bot
5dede30f62 feat: automated changes 2025-07-18 06:01:21 +00:00
plasmagoat
6972897c46 forgot password
Some checks failed
Test / tests (push) Failing after 2m13s
Details
2025-07-17 12:22:38 +02:00
2 changed files with 19 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

6
flake.lock generated
View file

@ -188,11 +188,11 @@
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1752624097, "lastModified": 1752817886,
"narHash": "sha256-mQCof2VccFzF7cmXy43n3GCwSN2+m8TVhZpGLx9sxVc=", "narHash": "sha256-ixiHcBqWAubQYbXEXeEnqhwEj9Bz7GoLL904bZ+Autc=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "d7c8095791ce3aafe97d9c16c1dc2f4e3d69a3ba", "rev": "3ee71bd9a139787964bc89c67989fda8ccc599e6",
"type": "github" "type": "github"
}, },
"original": { "original": {

16
machines/auth/lldap.nix
View file

@ -15,6 +15,10 @@ in {
"lldap/admin_password".owner = "lldap"; "lldap/admin_password".owner = "lldap";
}; };
sops.templates."lldap_config.toml".content = ''
LLDAP_SMTP_OPTIONS__PASSWORD=${config.sops.placeholder."lldap/admin_password"}
'';
networking.firewall.allowedTCPPorts = [ networking.firewall.allowedTCPPorts = [
cfg.settings.http_port cfg.settings.http_port
cfg.settings.ldap_port cfg.settings.ldap_port
@ -25,8 +29,11 @@ in {
services.lldap = { services.lldap = {
enable = true; enable = true;
settings = { settings = {
verbose = true;
ldap_base_dn = "dc=procopius,dc=dk"; ldap_base_dn = "dc=procopius,dc=dk";
ldap_user_email = "admin@procopius.dk"; ldap_user_email = "admin@procopius.dk";
http_url = "https://lldap.procopius.dk";
enable_password_reset = true;
database_url = "postgresql://lldap@localhost/lldap?host=/run/postgresql"; database_url = "postgresql://lldap@localhost/lldap?host=/run/postgresql";
}; };
@ -34,7 +41,16 @@ in {
LLDAP_JWT_SECRET_FILE = config.sops.secrets."lldap/jwt_secret".path; LLDAP_JWT_SECRET_FILE = config.sops.secrets."lldap/jwt_secret".path;
LLDAP_KEY_SEED_FILE = config.sops.secrets."lldap/key_seed".path; LLDAP_KEY_SEED_FILE = config.sops.secrets."lldap/key_seed".path;
LLDAP_LDAP_USER_PASS_FILE = config.sops.secrets."lldap/admin_password".path; LLDAP_LDAP_USER_PASS_FILE = config.sops.secrets."lldap/admin_password".path;
LLDAP_SMTP_OPTIONS__ENABLE_PASSWORD_RESET = "true";
LLDAP_SMTP_OPTIONS__SERVER = "mail.procopius.dk";
LLDAP_SMTP_OPTIONS__PORT = "465";
LLDAP_SMTP_OPTIONS__SMTP_ENCRYPTION = "TLS";
LLDAP_SMTP_OPTIONS__USER = "admin@procopius.dk";
LLDAP_SMTP_OPTIONS__FROM = "LLDAP Admin <admin@procopius.dk>";
LLDAP_SMTP_OPTIONS__REPLY_TO = "Do not reply <noreply@procopius.dk>";
}; };
environmentFile = config.sops.templates."lldap_config.toml".path;
}; };
systemd.services.lldap = let systemd.services.lldap = let