many changes

2024-07-02 23:03:24 +02:00
parent 972084cd65
commit 982a12ba08
13 changed files with 492 additions and 56 deletions
--- a/hosts/mail.cloonar.com/modules/openldap.nix
+++ b/hosts/mail.cloonar.com/modules/openldap.nix
@@ -104,44 +104,6 @@ in {
        ];
      };

-      "olcDatabase={3}mdb".attrs = {
-        objectClass = ["olcDatabaseConfig" "olcMdbConfig"];
-
-        olcDatabase = "{3}mdb";
-        olcDbDirectory = "/var/lib/openldap/data";
-
-        olcSuffix = "dc=myhidden,dc=life";
-
-        olcAccess = [
-          ''
-            {0}to attrs=userPassword
-              by self write
-              by anonymous auth
-              by dn="cn=owncloud,ou=system,ou=users,dc=cloonar,dc=com" write
-              by dn="cn=authelia,ou=system,ou=users,dc=cloonar,dc=com" write
-              by dn.subtree="ou=system,ou=users,dc=cloonar,dc=com" read
-              by group.exact="cn=Administrators,ou=groups,dc=cloonar,dc=com" write
-              by * none
-          ''
-          ''
-            {1}to *
-              by dn.subtree="ou=system,ou=users,dc=cloonar,dc=com" read
-              by group.exact="cn=Administrators,ou=groups,dc=cloonar,dc=com" write
-              by * read
-          ''
-        ];
-      };
-      "olcOverlay=memberof,olcDatabase={3}mdb".attrs = {
-        objectClass = [ "olcOverlayConfig" "olcMemberOf" ];
-        olcOverlay = "memberof";
-        olcMemberOfRefint = "TRUE";
-      };
-      "olcOverlay=ppolicy,olcDatabase={3}mdb".attrs = {
-        objectClass = [ "olcOverlayConfig" "olcPPolicyConfig" ];
-        olcOverlay = "ppolicy";
-        olcPPolicyHashCleartext = "TRUE";
-      };
-
      "olcDatabase={4}mdb".attrs = {
        objectClass = ["olcDatabaseConfig" "olcMdbConfig"];

@@ -253,6 +215,44 @@ in {
        olcPPolicyHashCleartext = "TRUE";
      };

+      "olcDatabase={7}mdb".attrs = {
+        objectClass = ["olcDatabaseConfig" "olcMdbConfig"];
+
+        olcDatabase = "{7}mdb";
+        olcDbDirectory = "/var/lib/openldap/data";
+
+        olcSuffix = "dc=myhidden,dc=life";
+
+        olcAccess = [
+          ''
+            {0}to attrs=userPassword
+              by self write
+              by anonymous auth
+              by dn="cn=owncloud,ou=system,ou=users,dc=cloonar,dc=com" write
+              by dn="cn=authelia,ou=system,ou=users,dc=cloonar,dc=com" write
+              by dn.subtree="ou=system,ou=users,dc=cloonar,dc=com" read
+              by group.exact="cn=Administrators,ou=groups,dc=cloonar,dc=com" write
+              by * none
+          ''
+          ''
+            {1}to *
+              by dn.subtree="ou=system,ou=users,dc=cloonar,dc=com" read
+              by group.exact="cn=Administrators,ou=groups,dc=cloonar,dc=com" write
+              by * read
+          ''
+        ];
+      };
+      # "olcOverlay=memberof,olcDatabase={7}mdb".attrs = {
+      #   objectClass = [ "olcOverlayConfig" "olcMemberOf" ];
+      #   olcOverlay = "memberof";
+      #   olcMemberOfRefint = "TRUE";
+      # };
+      # "olcOverlay=ppolicy,olcDatabase={7}mdb".attrs = {
+      #   objectClass = [ "olcOverlayConfig" "olcPPolicyConfig" ];
+      #   olcOverlay = "ppolicy";
+      #   olcPPolicyHashCleartext = "TRUE";
+      # };
+
      # "cn=module{0},cn=config" = {
      #   attrs = {
      #     objectClass = "olcModuleList";