feat: add the ldap client to all servers
This commit is contained in:
parent
3028fe61d2
commit
f5b1cb33ef
2 changed files with 11 additions and 0 deletions
|
|
@ -20,6 +20,8 @@
|
||||||
# these are needed for teh program in question
|
# these are needed for teh program in question
|
||||||
imports = [];
|
imports = [];
|
||||||
|
|
||||||
|
# give users access to this server
|
||||||
|
#services.skynet_ldap_client.groups = ["skynet-users"];
|
||||||
|
|
||||||
options.services.skynet_ldap_client = {
|
options.services.skynet_ldap_client = {
|
||||||
# options that need to be passed in to make this work
|
# options that need to be passed in to make this work
|
||||||
|
|
|
||||||
|
|
@ -3,6 +3,9 @@
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
(modulesPath + "/virtualisation/proxmox-lxc.nix")
|
(modulesPath + "/virtualisation/proxmox-lxc.nix")
|
||||||
|
|
||||||
|
# every server needs teh ldap client for admins
|
||||||
|
../applications/ldap_client.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
# flakes are essensial
|
# flakes are essensial
|
||||||
|
|
@ -36,6 +39,12 @@
|
||||||
{ groups = [ "skynet-admins" ]; commands = [ { command = "ALL"; options = [ "NOPASSWD" ]; } ]; }
|
{ groups = [ "skynet-admins" ]; commands = [ { command = "ALL"; options = [ "NOPASSWD" ]; } ]; }
|
||||||
];
|
];
|
||||||
|
|
||||||
|
services.skynet_ldap_client = {
|
||||||
|
enable = true;
|
||||||
|
# skynet-admin will always be added, individual servers can override
|
||||||
|
groups = [];
|
||||||
|
};
|
||||||
|
|
||||||
networking = {
|
networking = {
|
||||||
# every sever needs to be accessable over ssh for admin use at least
|
# every sever needs to be accessable over ssh for admin use at least
|
||||||
firewall.allowedTCPPorts = [22];
|
firewall.allowedTCPPorts = [22];
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue