Commit Graph

8 Commits

Author SHA1 Message Date
h7x4
195d155a1c
nixos/kerberos_server: use krb format generator, plus misc cleanup
- Introduce more possible options by using the krb format generator.
- Enforce package choice is using a correct package.
- Use meta attribute to decide implementation, allows for overriding the
  package.
- Make necessary changes to the format, to allow for multiple ACL files in
  heimdal.
- Add systemd target and slice for both implementations.
- Move state to `/var/lib`
- Add documentation
2024-06-08 23:29:53 +02:00
Marco Rebhan
a4a9be35f4
nixos/krb5: add myself as maintainer for module & tests 2023-12-21 11:38:18 +01:00
Marco Rebhan
fed77d1705
nixos/krb5: move to security.krb5 2023-12-21 11:35:26 +01:00
Marco Rebhan
92a541c0ed
nixos/krb5: cleanup, fix and RFC42-ify
This replaces the krb5 module's options with RFC 42-style krb5.settings
option, while greatly simplifying the code and fixing a few bugs,
namely:

- #243068 krb5: Configuration silently gets ignored when set by
  multiple modules
- not being able to use mkIf etc. inside subattributes of
  krb5.libdefaults, e.g. krb5.libdefaults.default_realm = mkIf ...

See #144575.
Closes #243068.

Co-authored-by: h7x4 <h7x4@nani.wtf>
2023-12-21 11:34:59 +01:00
Robert Hensing
aa0f27abb0 treewide: machine -> nodes.machine 2022-03-28 14:11:58 +02:00
rnhmjoj
88b3c29cf1
nixos: heimdalFull -> heimdal
The package has been renamed in 2018-05-01.
2021-09-22 11:20:30 +02:00
Kai Wohlfahrt
d28fd8f8da nixos/kerberos: port tests to python 2019-11-23 19:45:46 +00:00
Kai Wohlfahrt
6cca9c0f9f kerberos-server: add kerberos option
Allow switching out kerberos server implementation.

Sharing config is probably sensible, but implementation is different enough to
be worth splitting into two files. Not sure this is the correct way to split an
implementation, but it works for now.

Uses the switch from config.krb5 to select implementation.
2018-12-11 13:33:10 +00:00