Fix password hash file generation behavior
- Move the "create password hash file from hashed password" behavior to a separate variable, since having it in the default field of config would always cause the warning to trigger - Change type of hashedPassword to `nullOr str`
This commit is contained in:
Galen Abell
lewo
parent
7bda4c4f11
commit
6563abc1c4
5 changed files with 95 additions and 23 deletions
|
|
@ -66,6 +66,19 @@ let
|
|||
'';
|
||||
in {
|
||||
config = lib.mkIf enable {
|
||||
# assert that all accounts provide a password
|
||||
assertions = (map (acct: {
|
||||
assertion = (acct.hashedPassword != null || acct.hashedPasswordFile != null);
|
||||
message = "${acct.name} must provide either a hashed password or a password hash file";
|
||||
}) (lib.attrValues loginAccounts));
|
||||
|
||||
# warn for accounts that specify both password and file
|
||||
warnings = (map
|
||||
(acct: "${acct.name} specifies both a password hash and hash file; hash file will be used")
|
||||
(lib.filter
|
||||
(acct: (acct.hashedPassword != null && acct.hashedPasswordFile != null))
|
||||
(lib.attrValues loginAccounts)));
|
||||
|
||||
# set the vmail gid to a specific value
|
||||
users.groups = {
|
||||
"${vmailGroupName}" = { gid = vmailUID; };
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue