xin/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

modules/auth: use pinned kanidm version

Browse source
This commit is contained in:
xinyangli 2025-05-04 23:16:24 +08:00
parent 81b13fc485
commit 7db179090e
No known key found for this signature in database
3 changed files with 5 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

2
modules/nixos/common-settings/auth.nix
View file

@ -22,6 +22,7 @@ in
config = mkIf cfg.enable {
services.kanidm = {
package = pkgs.kanidm_1_5;
enableClient = true;
clientSettings = {
uri = "https://${idpUrl}";
@ -37,6 +38,7 @@ in
enable = true;
authorizedKeysCommand = "/etc/ssh/auth %u";
authorizedKeysCommandUser = "kanidm-ssh-runner";
openFirewall = true;
settings = {
PasswordAuthentication = false;
KbdInteractiveAuthentication = false;