diff options
author | Kai Wohlfahrt <kjw53@cam.ac.uk> | 2017-11-06 17:41:34 +0000 |
---|---|---|
committer | Kai Wohlfahrt <kai@prodo.ai> | 2018-12-11 13:33:10 +0000 |
commit | 6cca9c0f9f2d7ed80ae52609160d2678e6fe38cd (patch) | |
tree | e7c9dd4fee257d7a0e423581fbb14341576478dc /nixos/modules/services/system/kerberos.nix | |
parent | fe8f2b8813e75ab8b20e133b60afaac6e955bca7 (diff) |
kerberos-server: add kerberos option
Allow switching out kerberos server implementation. Sharing config is probably sensible, but implementation is different enough to be worth splitting into two files. Not sure this is the correct way to split an implementation, but it works for now. Uses the switch from config.krb5 to select implementation.
Diffstat (limited to 'nixos/modules/services/system/kerberos.nix')
-rw-r--r-- | nixos/modules/services/system/kerberos.nix | 48 |
1 files changed, 0 insertions, 48 deletions
diff --git a/nixos/modules/services/system/kerberos.nix b/nixos/modules/services/system/kerberos.nix deleted file mode 100644 index 694dee8c2313c..0000000000000 --- a/nixos/modules/services/system/kerberos.nix +++ /dev/null @@ -1,48 +0,0 @@ -{pkgs, config, lib, ...}: - -let - inherit (lib) mkOption mkIf; - cfg = config.services.kerberos_server; - stateDir = "/var/heimdal"; -in - -{ - ###### interface - options = { - services.kerberos_server = { - enable = mkOption { - default = false; - description = '' - Enable the kerberos authentification server. - ''; - }; - - }; - }; - - - ###### implementation - - config = mkIf cfg.enable { - environment.systemPackages = [ pkgs.heimdalFull ]; - systemd.services.kadmind = { - description = "Kerberos Administration Daemon"; - serviceConfig.ExecStart = "${pkgs.heimdalFull}/libexec/heimdal/kadmind"; - }; - - systemd.services.kdc = { - description = "Key Distribution Center daemon"; - wantedBy = [ "multi-user.target" ]; - preStart = '' - mkdir -m 0755 -p ${stateDir} - ''; - serviceConfig.ExecStart = "${pkgs.heimdalFull}/libexec/heimdal/kdc"; - }; - - systemd.services.kpasswdd = { - description = "Kerberos Password Changing daemon"; - wantedBy = [ "multi-user.target" ]; - serviceConfig.ExecStart = "${pkgs.heimdalFull}/libexec/heimdal/kpasswdd"; - }; - }; -} |