Merge pull request #1012 from helsinki-systems/fix/ldap-test

fix ldap nixos test
2021-09-24 14:27:26 -04:00 · 2021-09-24 14:27:26 -04:00 · 99161c7c53
parent 047fbbdd6b e985a277b3
commit 99161c7c53
1 changed files with 56 additions and 58 deletions
--- a/flake.nix
+++ b/flake.nix
@ -851,22 +851,21 @@
            machine = { pkgs, ... }: {
              imports = [ hydraServer ];
-              services.openldap = {
+              services.openldap.enable = true;
-                enable = true;
+              services.openldap.settings.children = {
-                suffix = "dc=example";
+                "olcDatabase={1}mdb".attrs = {
-                rootdn = "cn=root,dc=example";
+                  objectClass = [ "olcDatabaseConfig" "olcMdbConfig" ];
-                rootpw = "notapassword";
+                  database = "{1}mdbg";
-                database = "bdb";
+                  olcSuffix = "dc=example";
-                dataDir = "/var/lib/openldap";
+                  olcRootDN = "cn=root,dc=example";
-                extraConfig = ''
+                  olcRootPW = "notapassword";
-                  moduleload pw-sha2
+                  olcDbDirectory = "/var/lib/openldap";
-                '';
+                };
-                extraDatabaseConfig = ''
+              };
                '';
-                # userPassword generated via `slappasswd -o module-load=pw-sha2  -h '{SSHA256}'`
+              # userPassword generated via `slappasswd`
-                # The admin user has the password `password and `user` has the password `foobar`.
+              # The admin user has the password `password` and `user` has the password `foobar`.
-                declarativeContents = ''
+              services.openldap.declarativeContents."dc=example" = ''
                dn: dc=example
                dc: example
                o: Root
@ -898,7 +897,7 @@
                sn: user
                cn: user
                mail: user@example
-                  userPassword: {SSHA256}B9rfUbNgv8nIGn1Hm5qbVQdv6AIQb012ORJwegqELB0DWCzoMCY+4A==
+                userPassword: {SSHA}gLgBMb86/3wecoCp8gtORgIF2/qCRpqs
                dn: cn=admin,ou=users,dc=example
                objectClass: organizationalPerson
@ -906,10 +905,9 @@
                sn: admin
                cn: admin
                mail: admin@example
-                  userPassword: {SSHA256}meKP7fSWhkzXFC1f8RWRb8V8ssmN/VQJp7xJrUFFcNUDuwP1PbitMg==
+                userPassword: {SSHA}BsgOQcRnoiULzwLrGmuzVGH6EC5Dkwmf
              '';
-              };
+              systemd.services.hydra-server.environment.CATALYST_DEBUG = "1";
              systemd.services.hdyra-server.environment.CATALYST_DEBUG = "1";
              systemd.services.hydra-server.environment.HYDRA_LDAP_CONFIG = pkgs.writeText "config.yaml"
                # example config based on https://metacpan.org/source/ILMARI/Catalyst-Authentication-Store-LDAP-1.016/README#L103
                ''