adding secrets for dnpass
This commit is contained in:
parent
16351819ca
commit
1fce631c24
|
@ -6,7 +6,8 @@ let
|
||||||
ldap-auth-config = pkgs.writeText ''
|
ldap-auth-config = pkgs.writeText ''
|
||||||
hosts = auth.c3d2.de
|
hosts = auth.c3d2.de
|
||||||
dn = uid=search,ou=users,dc=c3d2,dc=de
|
dn = uid=search,ou=users,dc=c3d2,dc=de
|
||||||
dnpass = #add cat sops help where credential sandro help
|
|
||||||
|
!include ${config.sops.secrets."ldap/search-user-pw".path}
|
||||||
auth_bind = yes
|
auth_bind = yes
|
||||||
auth_bind_userdn = uid=%u,ou=users,dc=c3d2,dc=de
|
auth_bind_userdn = uid=%u,ou=users,dc=c3d2,dc=de
|
||||||
ldap_version = 3
|
ldap_version = 3
|
||||||
|
@ -46,6 +47,11 @@ in
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
sops.secrets."ldap/search-user-pw" = {
|
||||||
|
owner = config.systemd.services.dovecot2.serviceConfig.User;
|
||||||
|
group = config.systemd.services.dovecot2.serviceConfig.Group;
|
||||||
|
};
|
||||||
|
|
||||||
services = {
|
services = {
|
||||||
postfix = {
|
postfix = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
mock-data: ENC[AES256_GCM,data:fQ88gg==,iv:TphtBcDzX9xHW8eu4BwyitiOg6D6pnTRUrVtMUOjKTo=,tag:v4xjJNFTKyA7kbjeXDDz7w==,type:bool]
|
ldap:
|
||||||
|
search-user-pw: ENC[AES256_GCM,data:Pd6Qy8Ilu1RAkIOnpHNoGV+VBNCg/IAl9InWOGDlsTSbDVqK4B5aUmX2sl0=,iv:nZQwmiWJtQ4AmzAgv3Fhh625K11U4uxTCE6Rj5okRns=,tag:v9pVGrSQoaGGYG5X8wUyoA==,type:str]
|
||||||
sops:
|
sops:
|
||||||
kms: []
|
kms: []
|
||||||
gcp_kms: []
|
gcp_kms: []
|
||||||
|
@ -23,8 +24,8 @@ sops:
|
||||||
bTBPcjZCZFNBWWtUVGNRUWE4eTA1ZjgKF4qoSyKCL2ytTf5vZRVLFr89R5/7HCji
|
bTBPcjZCZFNBWWtUVGNRUWE4eTA1ZjgKF4qoSyKCL2ytTf5vZRVLFr89R5/7HCji
|
||||||
hsPXdE607b+s5PAaOPMWF8Zfy7QJr6hqG9+Pbr4FnGB5nTvTsO5d3Q==
|
hsPXdE607b+s5PAaOPMWF8Zfy7QJr6hqG9+Pbr4FnGB5nTvTsO5d3Q==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2022-02-25T18:51:17Z"
|
lastmodified: "2022-12-18T19:16:04Z"
|
||||||
mac: ENC[AES256_GCM,data:/xwOBXbYBd9TqosVFDEAyjVBOcZ1NdxNEz5nTmaFwiBHJSICflX54YSx+1QT44jFCkDFdvf3ZSojZ/bJ9EBsGZycaa4dQvReF5jjMnDzdwPvf+R84F/QuyHZTNnxXfneXUP9SWcenREr/ku/96x7ignKg1n4YsRq1hiot4W8sFk=,iv:7gzXGTlZ+A6ihSF6B94ttyWlREXLTUJukv45nBYPVKI=,tag:E3zlnQrMs0gCNdeuX2Bmfw==,type:str]
|
mac: ENC[AES256_GCM,data:7bqWB5fzhL6J18vak2pfW0Oq8mo0iLiHefCYEklTcUVVHOJy//hO9yw95gjUpGyq6Fx77SKOgu7SaM2bnBOTSdbvoz3mUsUZUUztSlJ+vrXNeD2tNHES6laa3W+lxDwl4WYOz5rPM5oOo0jWuMkIayE+fYC6d21AK8H910fdMjQ=,iv:tYIt1vi4FQezs7LoLXiF4J++KHUOQV8tYfap3l072zY=,tag:Pu0pXHG3WI1WoWXwCvKAXg==,type:str]
|
||||||
pgp:
|
pgp:
|
||||||
- created_at: "2022-07-15T23:32:09Z"
|
- created_at: "2022-07-15T23:32:09Z"
|
||||||
enc: |
|
enc: |
|
||||||
|
@ -179,4 +180,4 @@ sops:
|
||||||
-----END PGP MESSAGE-----
|
-----END PGP MESSAGE-----
|
||||||
fp: 91EBE87016391323642A6803B966009D57E69CC6
|
fp: 91EBE87016391323642A6803B966009D57E69CC6
|
||||||
unencrypted_suffix: _unencrypted
|
unencrypted_suffix: _unencrypted
|
||||||
version: 3.7.1
|
version: 3.7.3
|
||||||
|
|
Loading…
Reference in New Issue