home-assistant: fix ldap provider

2023-04-08 21:07:31 +02:00 · 2023-04-08 21:07:31 +02:00 · 0852142e98
parent 111dcceb47
commit 0852142e98
1 changed files with 6 additions and 4 deletions
--- a/hosts/home-assistant/default.nix
+++ b/hosts/home-assistant/default.nix
@ -36,23 +36,25 @@
              args =
                let
                  ldap = config.security.ldap;
+                  sed = "${pkgs.gnused}/bin/sed";
                in
                [
                  # https://github.com/bob1de/ldap-auth-sh/blob/master/examples/home-assistant.cfg
                  (pkgs.writeText "config.cfg" /* shell */ ''
-                    ATTRS=${ldap.roleField}
-                    CLIENT=ldapsearch
+                    ATTRS="${ldap.userField}"
+                    CLIENT="ldapsearch"
                    DEBUG=0
                    FILTER="${ldap.groupFilter "home-assistant"}"
+                    NAME_ATTR="${ldap.userField}"
                    SCOPE="base"
-                    SERVER=ldaps://${ldap.domainName}
+                    SERVER="ldaps://${ldap.domainName}"
                    USERDN="uid=$(ldap_dn_escape "$username"),${ldap.userBaseDN}"
                    BASEDN="$USERDN"

                    on_auth_success() {
                      # print the meta entries for use in HA
                      if [ ! -z "$NAME_ATTR" ]; then
-                        name=$(echo "$output" | sed -nr "s/^\s*$NAME_ATTR:\s*(.+)\s*\$/\1/Ip")
+                        name=$(echo "$output" | ${sed} -nr "s/^\s*$NAME_ATTR:\s*(.+)\s*\$/\1/Ip")
                        [ -z "$name" ] || echo "name=$name"
                      fi
                    }