nixos-modules/modules/portunus.nix

{ config, lib, ... }:

let
  cfg = config.services.portunus;
in
{
  options.services.portunus = {
    addToHosts = lib.mkOption {
      type = lib.types.bool;
      default = false;
      description = lib.mdDoc "Whether to add a hosts entry for the portunus domain pointing to externalIp";
    };

    internalIp4 = lib.mkOption {
      type = with lib.types; nullOr str;
      default = null;
      description = lib.mdDoc "Internal IPv4 of portunus instance. This is used in the addToHosts option.";
    };

    internalIp6 = lib.mkOption {
      type = with lib.types; nullOr str;
      default = null;
      description = lib.mdDoc "Internal IPv6 of portunus instance. This is used in the addToHosts option.";
    };

    ldapPreset = lib.mkOption {
      type = lib.types.bool;
      default = false;
      description = lib.mdDoc "Whether to set config.security.ldap to portunus specific settings.";
    };
  };

  config = {
    networking.hosts = lib.mkIf cfg.addToHosts {
      ${cfg.internalIp4} = [ cfg.domain ];
      ${cfg.internalIp6} = [ cfg.domain ];
    };

    security.ldap = lib.mkIf cfg.ldapPreset {
      roleBaseDN = "ou=groups";
      roleField = "cn";
      roleFilter = "(&(objectclass=groupOfNames)(member=%s))";
      roleValue = "dn";
      searchUID = "search";
      server = cfg.domain;
      userField = "uid";
      # TODO: add enum setting for login with username, email or both
      # userFilter = "(&(objectclass=person)(|(uid=%s)(mail=%s)))";
      userFilter = "(&(objectclass=person)(uid=%s))";
      userBaseDN = "ou=users";
    };
  };
}
portunus: add option to create hosts entries 2022-12-22 21:58:24 +01:00			`{ config, lib, ... }:`

portunus: only open port when service is enabled 2022-12-22 22:01:28 +01:00			`let`
portunus: add option to create hosts entries 2022-12-22 21:58:24 +01:00			`cfg = config.services.portunus;`
			`in`
			`{`
			`options.services.portunus = {`
portunus: add ldap preset 2023-01-17 00:23:31 +01:00			`addToHosts = lib.mkOption {`
			`type = lib.types.bool;`
			`default = false;`
Fix typos 2023-01-17 02:14:18 +01:00			`description = lib.mdDoc "Whether to add a hosts entry for the portunus domain pointing to externalIp";`
portunus: add ldap preset 2023-01-17 00:23:31 +01:00			`};`

portunus: fix setting names 2023-02-23 00:34:37 +01:00			`internalIp4 = lib.mkOption {`
portunus: add option to create hosts entries 2022-12-22 21:58:24 +01:00			`type = with lib.types; nullOr str;`
			`default = null;`
			`description = lib.mdDoc "Internal IPv4 of portunus instance. This is used in the addToHosts option.";`
			`};`

portunus: fix setting names 2023-02-23 00:34:37 +01:00			`internalIp6 = lib.mkOption {`
portunus: add option to create hosts entries 2022-12-22 21:58:24 +01:00			`type = with lib.types; nullOr str;`
			`default = null;`
			`description = lib.mdDoc "Internal IPv6 of portunus instance. This is used in the addToHosts option.";`
			`};`

portunus: add ldap preset 2023-01-17 00:23:31 +01:00			`ldapPreset = lib.mkOption {`
portunus: add option to create hosts entries 2022-12-22 21:58:24 +01:00			`type = lib.types.bool;`
Set missing default value 2023-01-17 00:56:46 +01:00			`default = false;`
Fix typos 2023-01-17 02:14:18 +01:00			`description = lib.mdDoc "Whether to set config.security.ldap to portunus specific settings.";`
portunus: add option to create hosts entries 2022-12-22 21:58:24 +01:00			`};`
			`};`

portunus: add ldap preset 2023-01-17 00:23:31 +01:00			`config = {`
			`networking.hosts = lib.mkIf cfg.addToHosts {`
portunus: fix setting names 2023-02-23 00:34:37 +01:00			`${cfg.internalIp4} = [ cfg.domain ];`
			`${cfg.internalIp6} = [ cfg.domain ];`
portunus: add ldap preset 2023-01-17 00:23:31 +01:00			`};`

			`security.ldap = lib.mkIf cfg.ldapPreset {`
			`roleBaseDN = "ou=groups";`
			`roleField = "cn";`
			`roleFilter = "(&(objectclass=groupOfNames)(member=%s))";`
			`roleValue = "dn";`
			`searchUID = "search";`
			`server = cfg.domain;`
			`userField = "uid";`
			`# TODO: add enum setting for login with username, email or both`
			`# userFilter = "(&(objectclass=person)(\|(uid=%s)(mail=%s)))";`
			`userFilter = "(&(objectclass=person)(uid=%s))";`
			`userBaseDN = "ou=users";`
			`};`
portunus: add option to create hosts entries 2022-12-22 21:58:24 +01:00			`};`
			`}`