Diffstat (limited to 'config/services/kerberos')
| -rw-r--r-- | config/services/kerberos/default.nix | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/config/services/kerberos/default.nix b/config/services/kerberos/default.nix
new file mode 100644
index 0000000..e36ab40
--- /dev/null
+++ b/config/services/kerberos/default.nix
@@ -0,0 +1,39 @@
+{
+ config,
+ ...
+}:
+let
+ realm = "aristote.mesh";
+in
+{
+ # client
+ security.krb5 = {
+ enable = true;
+ settings = {
+ libdefaults.default_realm = realm;
+ realms."${realm}" =
+ let
+ server = "${config.networking.hostName}.${realm}";
+ in
+ {
+ kdc = server;
+ admin_server = server;
+ };
+ };
+ };
+
+ # server
+ networking.firewall.allowedTCPPorts = [
+ 88
+ 749
+ ];
+ services.kerberos_server = {
+ enable = true;
+ settings.realms."${realm}" = { };
+ # initialization procedure
+ # https://github.com/NixOS/nixpkgs/issues/72722#issuecomment-557658883
+ # > kdb5_util create -s -r ${realm}
+ # > systemctl restart kadmind.service kdc.service
+ };
+
+}
|
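Review bot: The `networking.firewall.allowedTCPPorts` entry under `# server` opens kadmind (749) and the KDC (88) on every interface, while `settings.realms."${realm}" = { }` leaves the kadmin ACL to whatever the module defaults to. If the realm is only meant to be reachable over the mesh, scope the ports to that interface, e.g. `networking.firewall.interfaces.<mesh-iface>.allowedTCPPorts = [ 88 749 ];` (the interface name is a placeholder), and set `acl` explicitly for the realm so the principals holding admin rights are visible in the config. Only TCP is opened, so clients that try UDP 88 first will probably wait for a timeout before falling back, and kpasswd (464) is not reachable remotely; a short comment saying whether that is intended would help. The `kdb5_util create -s` step in the comment writes a master-key stash file to disk, which deserves a mention next to the procedure so backups and file permissions take it into account.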
