diff options
Diffstat (limited to 'nixpkgs/nixos/modules/config/ldap.nix')
| -rw-r--r-- | nixpkgs/nixos/modules/config/ldap.nix | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/nixpkgs/nixos/modules/config/ldap.nix b/nixpkgs/nixos/modules/config/ldap.nix index b554f197dc4..1a5dbcd4e26 100644 --- a/nixpkgs/nixos/modules/config/ldap.nix +++ b/nixpkgs/nixos/modules/config/ldap.nix @@ -88,6 +88,7 @@ in }; useTLS = mkOption { + type = types.bool; default = false; description = '' If enabled, use TLS (encryption) over an LDAP (port 389) @@ -109,6 +110,7 @@ in daemon = { enable = mkOption { + type = types.bool; default = false; description = '' Whether to let the nslcd daemon (nss-pam-ldapd) handle the @@ -242,6 +244,10 @@ in if cfg.daemon.enable then nss_pam_ldapd else nss_ldap ); + system.nssDatabases.group = optional cfg.nsswitch "ldap"; + system.nssDatabases.passwd = optional cfg.nsswitch "ldap"; + system.nssDatabases.shadow = optional cfg.nsswitch "ldap"; + users = mkIf cfg.daemon.enable { groups.nslcd = { gid = config.ids.gids.nslcd; |