|
|
|
@ -56,6 +56,7 @@
|
|
|
|
|
(define %domain-name "metznet.ca")
|
|
|
|
|
|
|
|
|
|
(define %domain-kadmin (string-append "kerberos." %domain-name))
|
|
|
|
|
|
|
|
|
|
(define %domain-kdc (string-append "kerberos." %domain-name))
|
|
|
|
|
|
|
|
|
|
(define %metznet-base-user-accounts (append (list
|
|
|
|
@ -89,14 +90,14 @@
|
|
|
|
|
(program #~(string-append #$openresolv "/sbin/resolvconf"))))
|
|
|
|
|
%setuid-programs))
|
|
|
|
|
|
|
|
|
|
(define (krb5-config kdc-server kadmin) (krb5-configuration
|
|
|
|
|
(define %metznet-krb5-config (krb5-configuration
|
|
|
|
|
(default-realm %domain-realm)
|
|
|
|
|
(allow-weak-crypto? #t)
|
|
|
|
|
(rdns? #f)
|
|
|
|
|
(realms (list (krb5-realm
|
|
|
|
|
(name %domain-realm)
|
|
|
|
|
(admin-server kadmin)
|
|
|
|
|
(kdc kdc-server))))))
|
|
|
|
|
(admin-server %domain-kadmin)
|
|
|
|
|
(kdc %domain-kdc))))))
|
|
|
|
|
|
|
|
|
|
(define pam-krb5-config (pam-krb5-configuration
|
|
|
|
|
(pam-krb5 pam-krb5)
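Review bot: The new `%metznet-krb5-config` record carries over `(allow-weak-crypto? #t)`, so the generated krb5 configuration still permits weak encryption types on every host that uses it. The later hunks show this one record now feeds `krb5-service-type` in both `%metznet-desktop-services` and `%metznet-server-services`, so the setting applies to both. Unless a legacy principal or service in the realm still depends on a weak enctype, I would set `(allow-weak-crypto? #f)`. If it must stay, add a comment on that line such as `;; required by <legacy-service>; remove once its keys are re-keyed` so the exception is visible and can be retired. Markers are lost on this page, so I am reading the `%metznet-krb5-config` / `%domain-kadmin` / `%domain-kdc` lines as the new side and the `(define (krb5-config kdc-server kadmin) ...` lines as removed.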
|
|
|
|
@ -135,7 +136,7 @@
|
|
|
|
|
|
|
|
|
|
(define %metznet-desktop-services
|
|
|
|
|
(append (list (service openssh-service-type)
|
|
|
|
|
(service krb5-service-type (krb5-config %domain-kdc %domain-kadmin))
|
|
|
|
|
(service krb5-service-type %metznet-krb5-config)
|
|
|
|
|
(service pam-krb5-service-type pam-krb5-config)
|
|
|
|
|
(service nslcd-service-type (nslcd-configuration (base "dc=metznet,dc=ca")
|
|
|
|
|
(nss-pam-ldapd nss-pam-ldapd)
|
|
|
|
@ -171,7 +172,7 @@
|
|
|
|
|
|
|
|
|
|
(define %metznet-server-services (append (list
|
|
|
|
|
(service openssh-service-type)
|
|
|
|
|
(service krb5-service-type (krb5-config %domain-kdc %domain-kadmin))
|
|
|
|
|
(service krb5-service-type %metznet-krb5-config)
|
|
|
|
|
(service pam-krb5-service-type pam-krb5-config)
|
|
|
|
|
(service dhcp-client-service-type)
|
|
|
|
|
(openvpn-client-service
|
|
|
|
|