forked from Drift/pvv-nixos-config
WIP: kerberos
This commit is contained in:
parent
28e3f5672c
commit
fc1b7db291
@ -5,6 +5,7 @@
|
||||
|
||||
../../base.nix
|
||||
../../misc/metrics-exporters.nix
|
||||
../../modules/kerberos_auth.nix
|
||||
|
||||
#./services/keycloak.nix
|
||||
|
||||
|
25
modules/kerberos_auth.nix
Normal file
25
modules/kerberos_auth.nix
Normal file
@ -0,0 +1,25 @@
|
||||
{ pkgs, lib, ... }:
|
||||
{
|
||||
environment.systemPackages = with pkgs; [
|
||||
heimdal
|
||||
];
|
||||
|
||||
security.pam.krb5.enable = true;
|
||||
|
||||
environment.etc."krb5.conf".text = ''
|
||||
[libdefaults]
|
||||
default_realm = PVV.NTNU.NO
|
||||
dns_lookup_realm = yes
|
||||
dns_lookup_kdc = yes
|
||||
|
||||
[appdefaults]
|
||||
pam = {
|
||||
ignore_k5login = yes
|
||||
}
|
||||
|
||||
[realms]
|
||||
PVV.NTNU.NO = {
|
||||
admin_server = kdc.pvv.ntnu.no
|
||||
}
|
||||
'';
|
||||
}
|
Loading…
Reference in New Issue
Block a user