depot/cluster/services/idm/default.nix


# Cluster service definition for idm: declares the network links for the
# service, assigns nodes to the server/client roles, and lists the NixOS
# modules attached to each role.
{ config, depot, ... }:

{
  # idm endpoint: HTTPS on port 443 under the depot's domain.
  # NOTE(review): `ipv4` carries a DNS name here rather than an address;
  # confirm that consumers of this link expect that.
  links.idm = {
    protocol = "https";
    ipv4 = "idm.${depot.lib.meta.domain}";
    port = 443;
  };

  # LDAP endpoint: `ldaps` on port 636. The hostname sits under the
  # `internal.` subdomain and the address is VEGAS's mesh IP, so this link
  # is pinned to the same node that is listed under `nodes.server` below.
  links.ldap = {
    protocol = "ldaps";
    hostname = "idm-ldap.internal.${depot.lib.meta.domain}";
    ipv4 = config.vars.mesh.VEGAS.meshIp;
    port = 636;
  };

  # Role -> node assignment. If the server role moves off VEGAS, the
  # `links.ldap.ipv4` reference above has to move with it.
  services.idm.nodes = {
    server = [ "VEGAS" ];
    client = [
      "checkmate"
      "grail"
      "VEGAS"
      "prophet"
      "soda"
      "thunderskin"
    ];
    # soda is both a regular client and the only member of `client-soda`.
    client-soda = [ "soda" ];
  };

  # Role -> NixOS module(s).
  # NOTE(review): presumably each role name in `nodes` selects the entry of
  # the same name here; confirm against the cluster services framework. If
  # so, every host added to `nodes.client` also receives
  # ./policies/infra-admins.nix, so changes to that list should be reviewed
  # as changes to where that policy applies.
  services.idm.nixos = {
    server = ./server.nix;
    client = [
      ./client.nix
      ./modules/idm-nss-ready.nix
      ./modules/idm-tmpfiles.nix
      ./policies/infra-admins.nix
    ];
    # Extra policy module for the `client-soda` role only.
    client-soda = [
      ./policies/soda.nix
    ];
  };
}