nixos-servers

torjus/nixos-servers

Fork 0

Commit Graph

Author	SHA1	Message	Date
Torjus Håkestad	bab59665fd	system: fix kanidm PAM user mismatch All checks were successful Run nix flake check / flake-check (push) Successful in 2m1s Details Configure uid_attr_map and gid_attr_map to use short names instead of SPN format. This fixes SSH failing with "PAM user mismatch" because getent returned "torjus@home.2rjus.net" instead of "torjus". Also add user-management documentation. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-02-08 13:55:11 +01:00
Torjus Håkestad	1d7eec7ad3	system: add kanidm PAM/NSS client module Some checks failed Run nix flake check / flake-check (push) Has been cancelled Details Add homelab.kanidm.enable option for central authentication via Kanidm. The module configures: - PAM/NSS integration with kanidm-unixd - Client connection to auth.home.2rjus.net - Login authorization for ssh-users group Enable on testvm01-03 for testing. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-02-08 13:43:41 +01:00

Author

SHA1

Message

Date

Torjus Håkestad

bab59665fd

system: fix kanidm PAM user mismatch

Run nix flake check / flake-check (push) Successful in 2m1s

Details

Configure uid_attr_map and gid_attr_map to use short names instead of
SPN format. This fixes SSH failing with "PAM user mismatch" because
getent returned "torjus@home.2rjus.net" instead of "torjus".

Also add user-management documentation.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

2026-02-08 13:55:11 +01:00

Torjus Håkestad

1d7eec7ad3

system: add kanidm PAM/NSS client module

Run nix flake check / flake-check (push) Has been cancelled

Details

Add homelab.kanidm.enable option for central authentication via Kanidm.
The module configures:
- PAM/NSS integration with kanidm-unixd
- Client connection to auth.home.2rjus.net
- Login authorization for ssh-users group

Enable on testvm01-03 for testing.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

2026-02-08 13:43:41 +01:00

2 Commits