From 0000000f1d84a67f8e567e6c111b63f7320e398c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= Date: Fri, 5 May 2023 00:57:50 +0200 Subject: [PATCH] mastodon: move ldap to nixos-modules --- flake.lock | 6 +++--- hosts/mastodon/default.nix | 13 +------------ 2 files changed, 4 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index 7394f31a..2ad957b0 100644 --- a/flake.lock +++ b/flake.lock @@ -421,11 +421,11 @@ ] }, "locked": { - "lastModified": 1683057005, - "narHash": "sha256-e3uDaI4u1w6/7YxU/U5sV2Oayapu5AEMFUeiQFF/LHI=", + "lastModified": 1683241081, + "narHash": "sha256-eTz73pjTKEgzFfG6V7oA2LK1Wfv2ZFoSe7vUNphrPAc=", "owner": "SuperSandro2000", "repo": "nixos-modules", - "rev": "e220c41ceed6b3a21352865779c4f3df354a525e", + "rev": "d06e5fde7fdc1847322e9b30f83a32c380eb2f20", "type": "github" }, "original": { diff --git a/hosts/mastodon/default.nix b/hosts/mastodon/default.nix index a8136145..6a8f11f1 100644 --- a/hosts/mastodon/default.nix +++ b/hosts/mastodon/default.nix @@ -110,23 +110,12 @@ enable = true; configureNginx = true; elasticsearch.host = "127.0.0.1"; + ldap.enable = true; extraConfig = { ALTERNATE_DOMAINS = lib.concatStringsSep "," config.services.nginx.virtualHosts.${config.services.mastodon.localDomain}.serverAliases; DEFAULT_LOCALE = "de"; WEB_CONCURRENCY = toString config.microvm.vcpu; # MAX_THREADS = toString config.microvm.vcpu; - LOG_LEVEL = "debug"; - - LDAP_ENABLED = "true"; - LDAP_METHOD = "simple_tls"; - LDAP_HOST = "auth.c3d2.de"; - LDAP_PORT = "636"; - LDAP_BIND_DN = "uid=search,ou=users,dc=c3d2,dc=de"; - LDAP_BASE = "ou=users,dc=c3d2,dc=de"; - LDAP_SEARCH_FILTER = "(&(objectclass=person)(|(%{uid}=%{email})(%{mail}=%{email})))"; - LDAP_UID = "uid"; - # convert .,- (space) in LDAP usernames to underscore - LDAP_UID_CONVERSION_ENABLED = "true"; }; localDomain = "c3d2.social"; otpSecretFile = config.sops.secrets."mastodon/otp-secret".path;