torjus/nixos-servers
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity

kanidm: allow imperative group membership management
Some checks failed
Run nix flake check / flake-check (push) Has been cancelled
Details

Browse Source
This commit is contained in:
Torjus Håkestad
2026-02-09 19:36:26 +01:00
parent 9dec754eed
commit c091852d9e
1 changed files with 4 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
services/kanidm/default.nix
View File

@@ -24,9 +24,10 @@
idmAdminPasswordFile = config.vault.secrets.kanidm-idm-admin.outputDir; idmAdminPasswordFile = config.vault.secrets.kanidm-idm-admin.outputDir;
groups = { groups = {
admins = { }; # overwriteMembers = false allows imperative member management via CLI
users = { }; admins = { overwriteMembers = false; };
ssh-users = { }; users = { overwriteMembers = false; };
ssh-users = { overwriteMembers = false; };
}; };
# Regular users (persons) are managed imperatively via kanidm CLI # Regular users (persons) are managed imperatively via kanidm CLI