mirror of
https://github.com/SebastianWendel/nixpkgs.git
synced 2024-09-21 21:09:00 +02:00
d54d70f166
Suppose you want to provide a LDAP-based directory search to your homeserver via a service-user with a bind-password. To make sure that this doesn't end up in the Nix store, it's now possible to set a substitute for the bindPassword like services.mxisd.extraConfig.ldap.connection = { # host, bindDn etc. bindPassword = "$LDAP_BIND_PW"; }; and write the actual secret into an environment file that's readable for `mxisd.service` containing LDAP_BIND_PW=<your secret bind pw> and the following setting in the Nix expression: services.mxisd.environmentFile = "/runs/ecrets/mxisd"; (cherry picked from commit aa25ce7aa1a89618e4257fd46c7d20879f54c728) |
||
---|---|---|
.. | ||
doc | ||
lib | ||
maintainers | ||
modules | ||
tests | ||
COPYING | ||
default.nix | ||
README | ||
release-combined.nix | ||
release-small.nix | ||
release.nix |
*** NixOS *** NixOS is a Linux distribution based on the purely functional package management system Nix. More information can be found at https://nixos.org/nixos and in the manual in doc/manual.