servius/dotfiles
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

feat(neovim): enable on tako device

Browse Source 
feat(authelia): configure port and reverse proxy
feat(lldap): force password reset and update settings
fix(nixos): remove root from trusted users on ryu and tako
fix(immich): disable auto launch and enable password login
refactor(tako): enable authelia, immich, and lldap services
chore(secrets): update lldap seed and metadata timestamps
This commit is contained in:
uttarayan21
2025-11-27 20:51:34 +05:30
parent f9970ce3af
commit a9616c8564
10 changed files with 26 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
nixos/tako/services/lldap.nix
View File

@@ -6,6 +6,7 @@
services.lldap = {
enable = true;
settings = {
force_ldap_user_pass_reset = "always";
ldap_user_dn = "admin";
ldap_base_dn = "dc=darksailor,dc=dev";
ldap_user_email = "admin@darksailor.dev";
@@ -14,10 +15,12 @@
ldap_port = 389;
ldap_host = "::";
ldap_user_pass_file = config.sops.secrets."lldap/admin".path;
environmentFile = ''
LLDAP_JWT_SECRET_FILE = ${config.sops.secrets."lldap/jwt".path};
LLDAP_KEY_SEED_FILE = ${config.sops.secrets."lldap/seed".path};
'';
jwt_secret_file = "${config.sops.secrets."lldap/jwt".path}";
};
environment = {
LLDAP_JWT_SECRET_FILE = "${config.sops.secrets."lldap/jwt".path}";
# LLDAP_FORCE_UPDATE_PRIVATE_KEY = "true";
# LLDAP_KEY_SEED_FILE = "${config.sops.secrets."lldap/seed".path}";
};
};
users.users.lldap = {