b12f/nixpkgs
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

kerberos_server: ensure only one realm configured

Browse source 
Leave options for multiple realms for similarity to krb5, and future
expansion. Currently not tested because I can't make it work and don't need
it.
This commit is contained in:
Kai Wohlfahrt 2017-11-19 15:13:48 +00:00 committed by Kai Wohlfahrt
parent 4e4a599e7e
commit f5b4918de4
1 changed files with 5 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
nixos/modules/services/system/kerberos/default.nix
View file

@ -1,7 +1,7 @@
{pkgs, config, lib, ...}:
let
inherit (lib) mkOption mkIf types;
inherit (lib) mkOption mkIf types length attrNames;
cfg = config.services.kerberos_server;
kerberos = config.krb5.kerberos;
@ -72,5 +72,9 @@ in
config = mkIf cfg.enable {
environment.systemPackages = [ kerberos ];
assertions = [{
assertion = length (attrNames cfg.realms) <= 1;
message = "Only one realm per server is currently supported.";
}];
};
}