talexander/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Releases Activity

nixos/kerberos_server: add extraKDCArgs option

Browse Source
This commit is contained in:
Katalin Rebhan 2025-06-07 20:59:25 +02:00
parent be7ffb6cc3
commit b3af89dd38
No known key found for this signature in database
3 changed files with 30 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
nixos/modules/services/system/kerberos/default.nix
View File

@ -7,6 +7,7 @@
let let
inherit (lib) mkOption types; inherit (lib) mkOption types;
inherit (lib.types) listOf str;
cfg = config.services.kerberos_server; cfg = config.services.kerberos_server;
inherit (config.security.krb5) package; inherit (config.security.krb5) package;
@ -41,6 +42,14 @@ in
''; '';
default = { }; default = { };
}; };
extraKDCArgs = mkOption {
type = listOf str;
description = ''
Extra arguments to pass to the KDC process. See {manpage}`kdc(8)`.
'';
default = [ ];
};
}; };
}; };

11
nixos/modules/services/system/kerberos/heimdal.nix
View File

@ -2,11 +2,14 @@
pkgs, pkgs,
config, config,
lib, lib,
utils,
... ...
}: }:
let let
inherit (lib) mapAttrs; inherit (lib) mapAttrs;
inherit (utils) escapeSystemdExecArgs;
cfg = config.services.kerberos_server; cfg = config.services.kerberos_server;
package = config.security.krb5.package; package = config.security.krb5.package;
@ -94,7 +97,13 @@ in
"info:heimdal" "info:heimdal"
]; ];
serviceConfig = { serviceConfig = {
ExecStart = "${package}/libexec/kdc --config-file=/etc/heimdal-kdc/kdc.conf"; ExecStart = escapeSystemdExecArgs (
[
"${package}/libexec/kdc"
"--config-file=/etc/heimdal-kdc/kdc.conf"
]
++ cfg.extraKDCArgs
);
Slice = "system-kerberos-server.slice"; Slice = "system-kerberos-server.slice";
StateDirectory = "heimdal"; StateDirectory = "heimdal";
}; };

12
nixos/modules/services/system/kerberos/mit.nix
View File

@ -2,11 +2,14 @@
pkgs, pkgs,
config, config,
lib, lib,
utils,
... ...
}: }:
let let
inherit (lib) mapAttrs; inherit (lib) mapAttrs;
inherit (utils) escapeSystemdExecArgs;
cfg = config.services.kerberos_server; cfg = config.services.kerberos_server;
package = config.security.krb5.package; package = config.security.krb5.package;
PIDFile = "/run/kdc.pid"; PIDFile = "/run/kdc.pid";
@ -91,7 +94,14 @@ in
serviceConfig = { serviceConfig = {
Type = "forking"; Type = "forking";
PIDFile = PIDFile; PIDFile = PIDFile;
ExecStart = "${package}/bin/krb5kdc -P ${PIDFile}"; ExecStart = escapeSystemdExecArgs (
[
"${package}/bin/krb5kdc"
"-P"
"${PIDFile}"
]
++ cfg.extraKDCArgs
);
Slice = "system-kerberos-server.slice"; Slice = "system-kerberos-server.slice";
StateDirectory = "krb5kdc"; StateDirectory = "krb5kdc";
}; };