passthru.selfprivacy -> selfprivacy.passthru

2025-02-03 00:57:08 +04:00
parent 365e01a4e3
commit ee2e404eb8
9 changed files with 37 additions and 43 deletions
--- a/auth/auth.nix
+++ b/auth/auth.nix
@@ -4,12 +4,6 @@ let
  domain = config.selfprivacy.domain;
  auth-fqdn = cfg.subdomain + "." + domain;

-  # e.g. "dc=mydomain,dc=com"
-  ldap-base-dn =
-    lib.strings.concatMapStringsSep
-      ","
-      (x: "dc=" + x)
-      (lib.strings.splitString "." domain);
  ldap-host = "127.0.0.1";
  ldap-port = 3636;

@@ -214,7 +208,7 @@ in
    systemd.services.kanidm.serviceConfig.ExecStartPost = lib.mkAfter
      [ spApiUserExecStartPostScript ];

-    passthru.selfprivacy.auth = {
+    selfprivacy.passthru.auth = {
      inherit
        admins-group
        auth-fqdn
--- a/sp-modules/gitea/config-paths-needed.json
+++ b/sp-modules/gitea/config-paths-needed.json
@@ -1,16 +1,16 @@
 [
-  [ "passthru", "selfprivacy", "auth", "admins-group" ],
-  [ "passthru", "selfprivacy", "auth", "auth-fqdn" ],
-  [ "passthru", "selfprivacy", "auth", "full-users-group" ],
-  [ "passthru", "selfprivacy", "auth", "ldap-base-dn" ],
-  [ "passthru", "selfprivacy", "auth", "ldap-host" ],
-  [ "passthru", "selfprivacy", "auth", "ldap-port" ],
-  [ "passthru", "selfprivacy", "auth", "oauth2-discovery-url" ],
-  [ "passthru", "selfprivacy", "auth", "oauth2-provider-name" ],
-  [ "passthru", "selfprivacy", "auth", "oauth2-systemd-service" ],
  [ "selfprivacy", "domain" ],
  [ "selfprivacy", "modules", "auth", "enable" ],
  [ "selfprivacy", "modules", "gitea" ],
+  [ "selfprivacy", "passthru", "auth", "admins-group" ],
+  [ "selfprivacy", "passthru", "auth", "auth-fqdn" ],
+  [ "selfprivacy", "passthru", "auth", "full-users-group" ],
+  [ "selfprivacy", "passthru", "auth", "ldap-base-dn" ],
+  [ "selfprivacy", "passthru", "auth", "ldap-host" ],
+  [ "selfprivacy", "passthru", "auth", "ldap-port" ],
+  [ "selfprivacy", "passthru", "auth", "oauth2-discovery-url" ],
+  [ "selfprivacy", "passthru", "auth", "oauth2-provider-name" ],
+  [ "selfprivacy", "passthru", "auth", "oauth2-systemd-service" ],
  [ "selfprivacy", "useBinds" ],
  [ "services", "forgejo", "group" ],
  [ "services", "forgejo", "package" ]
--- a/sp-modules/gitea/module.nix
+++ b/sp-modules/gitea/module.nix
@@ -16,7 +16,7 @@ let
  ];
  is-auth-enabled = cfg.enableSso;
  oauth-client-id = "forgejo";
-  auth-passthru = config.passthru.selfprivacy.auth;
+  auth-passthru = config.selfprivacy.passthru.auth;
  oauth2-provider-name = auth-passthru.oauth2-provider-name;
  redirect-uri =
    "https://${cfg.subdomain}.${sp.domain}/user/oauth2/${oauth2-provider-name}/callback";
--- a/sp-modules/nextcloud/config-paths-needed.json
+++ b/sp-modules/nextcloud/config-paths-needed.json
@@ -1,16 +1,16 @@
 [
-  [ "passthru", "selfprivacy", "auth", "admins-group" ],
-  [ "passthru", "selfprivacy", "auth", "full-users-group" ],
-  [ "passthru", "selfprivacy", "auth", "ldap-base-dn" ],
-  [ "passthru", "selfprivacy", "auth", "ldap-host" ],
-  [ "passthru", "selfprivacy", "auth", "ldap-port" ],
-  [ "passthru", "selfprivacy", "auth", "oauth2-discovery-url" ],
-  [ "passthru", "selfprivacy", "auth", "oauth2-provider-name" ],
-  [ "passthru", "selfprivacy", "auth", "oauth2-systemd-service" ],
  [ "security", "acme", "certs" ],
  [ "selfprivacy", "domain" ],
  [ "selfprivacy", "modules", "auth", "enable" ],
  [ "selfprivacy", "modules", "nextcloud" ],
+  [ "selfprivacy", "passthru", "auth", "admins-group" ],
+  [ "selfprivacy", "passthru", "auth", "full-users-group" ],
+  [ "selfprivacy", "passthru", "auth", "ldap-base-dn" ],
+  [ "selfprivacy", "passthru", "auth", "ldap-host" ],
+  [ "selfprivacy", "passthru", "auth", "ldap-port" ],
+  [ "selfprivacy", "passthru", "auth", "oauth2-discovery-url" ],
+  [ "selfprivacy", "passthru", "auth", "oauth2-provider-name" ],
+  [ "selfprivacy", "passthru", "auth", "oauth2-systemd-service" ],
  [ "selfprivacy", "useBinds" ],
  [ "services", "nextcloud" ],
  [ "services", "phpfpm", "pools", "nextcloud", "group" ],
--- a/sp-modules/nextcloud/module.nix
+++ b/sp-modules/nextcloud/module.nix
@@ -10,7 +10,7 @@ let
    ;

  hostName = "${cfg.subdomain}.${sp.domain}";
-  auth-passthru = config.passthru.selfprivacy.auth;
+  auth-passthru = config.selfprivacy.passthru.auth;
  cfg = sp.modules.nextcloud;
  is-auth-enabled = cfg.enableSso;
  ldap_scheme_and_host = "ldaps://${auth-passthru.ldap-host}";
--- a/sp-modules/roundcube/config-paths-needed.json
+++ b/sp-modules/roundcube/config-paths-needed.json
@@ -1,13 +1,13 @@
 [
  [ "mailserver", "fqdn" ],
-  [ "passthru", "selfprivacy", "auth", "admins-group" ],
-  [ "passthru", "selfprivacy", "auth", "auth-fqdn" ],
-  [ "passthru", "selfprivacy", "auth", "full-users-group" ],
-  [ "passthru", "selfprivacy", "auth", "oauth2-provider-name" ],
-  [ "passthru", "selfprivacy", "auth", "oauth2-systemd-service" ],
  [ "selfprivacy", "domain" ],
  [ "selfprivacy", "modules", "auth" ],
  [ "selfprivacy", "modules", "roundcube" ],
+  [ "selfprivacy", "passthru", "auth", "admins-group" ],
+  [ "selfprivacy", "passthru", "auth", "auth-fqdn" ],
+  [ "selfprivacy", "passthru", "auth", "full-users-group" ],
+  [ "selfprivacy", "passthru", "auth", "oauth2-provider-name" ],
+  [ "selfprivacy", "passthru", "auth", "oauth2-systemd-service" ],
  [ "selfprivacy", "passthru", "mailserver", "oauth-client-id" ],
  [ "selfprivacy", "passthru", "mailserver", "oauth-client-secret-fp" ]
 ]
--- a/sp-modules/roundcube/module.nix
+++ b/sp-modules/roundcube/module.nix
@@ -3,7 +3,7 @@ let
  domain = config.selfprivacy.domain;
  cfg = config.selfprivacy.modules.roundcube;
  is-auth-enabled = cfg.enableSso;
-  auth-passthru = config.passthru.selfprivacy.auth;
+  auth-passthru = config.selfprivacy.passthru.auth;
  auth-fqdn = auth-passthru.auth-fqdn;
  sp-module-name = "roundcube";
  user = "roundcube";
--- a/sp-modules/simple-nixos-mailserver/common.nix
+++ b/sp-modules/simple-nixos-mailserver/common.nix
@@ -1,6 +1,6 @@
 { config, pkgs, ... }:
 rec {
-  auth-passthru = config.passthru.selfprivacy.auth;
+  auth-passthru = config.selfprivacy.passthru.auth;
  domain = config.selfprivacy.domain;
  group = "dovecot2";
  is-auth-enabled =
--- a/sp-modules/simple-nixos-mailserver/config-paths-needed.json
+++ b/sp-modules/simple-nixos-mailserver/config-paths-needed.json
@@ -1,20 +1,20 @@
 [
  [ "mailserver" ],
-  [ "passthru", "selfprivacy", "auth", "admins-group" ],
-  [ "passthru", "selfprivacy", "auth", "full-users-group" ],
-  [ "passthru", "selfprivacy", "auth", "ldap-base-dn" ],
-  [ "passthru", "selfprivacy", "auth", "ldap-port" ],
-  [ "passthru", "selfprivacy", "auth", "oauth2-discovery-url" ],
-  [ "passthru", "selfprivacy", "auth", "oauth2-introspection-url-postfix" ],
-  [ "passthru", "selfprivacy", "auth", "oauth2-introspection-url-prefix" ],
-  [ "passthru", "selfprivacy", "auth", "oauth2-systemd-service" ],
-  [ "passthru", "selfprivacy", "roundcube", "oauth-client-id" ],
-  [ "passthru", "selfprivacy", "roundcube", "oauth-client-secret-fp" ],
  [ "security", "acme", "certs" ],
  [ "selfprivacy", "domain" ],
  [ "selfprivacy", "hashedMasterPassword" ],
  [ "selfprivacy", "modules", "auth", "enable" ],
  [ "selfprivacy", "modules", "simple-nixos-mailserver" ],
+  [ "selfprivacy", "passthru", "auth", "admins-group" ],
+  [ "selfprivacy", "passthru", "auth", "full-users-group" ],
+  [ "selfprivacy", "passthru", "auth", "ldap-base-dn" ],
+  [ "selfprivacy", "passthru", "auth", "ldap-port" ],
+  [ "selfprivacy", "passthru", "auth", "oauth2-discovery-url" ],
+  [ "selfprivacy", "passthru", "auth", "oauth2-introspection-url-postfix" ],
+  [ "selfprivacy", "passthru", "auth", "oauth2-introspection-url-prefix" ],
+  [ "selfprivacy", "passthru", "auth", "oauth2-systemd-service" ],
+  [ "selfprivacy", "passthru", "roundcube", "oauth-client-id" ],
+  [ "selfprivacy", "passthru", "roundcube", "oauth-client-secret-fp" ],
  [ "selfprivacy", "useBinds" ],
  [ "selfprivacy", "username" ],
  [ "selfprivacy", "users" ],