diff --git a/modules/blocks/lldap/docs/default.md b/modules/blocks/lldap/docs/default.md index b22fb3c..1ea63c7 100644 --- a/modules/blocks/lldap/docs/default.md +++ b/modules/blocks/lldap/docs/default.md @@ -22,8 +22,8 @@ shb.lldap = { jwtSecret.result = config.shb.sops.secret."lldap/jwt_secret".result; ldapUserPassword.result = config.shb.sops.secret."lldap/user_password".result; }; -shb.sops.secret."lldap/jwt_secret".request = config.shb.ldap.jwtSecret.request; -shb.sops.secret."lldap/user_password".request = config.shb.ldap.ldapUserPassword.request; +shb.sops.secret."lldap/jwt_secret".request = config.shb.lldap.jwtSecret.request; +shb.sops.secret."lldap/user_password".request = config.shb.lldap.ldapUserPassword.request; ``` This assumes secrets are setup with SOPS @@ -41,7 +41,7 @@ shb.certs.certs.letsencrypt.${domain}.extraDomains = [ "${config.shb.lldap.subdomain}.${config.shb.lldap.domain}" ]; -shb.ldap.ssl = config.shb.certs.certs.letsencrypt.${config.shb.lldap.domain}; +shb.lldap.ssl = config.shb.certs.certs.letsencrypt.${config.shb.lldap.domain}; ``` ## Restrict Access By IP {#blocks-lldap-restrict-access-by-ip} @@ -142,7 +142,7 @@ set [`shb.lldap.enforceUserMemberships`](#blocks-lldap-options-shb.lldap.enforce }; shb.sops.secret."dad".request = - shb.ldap.ensureUsers.dad.password.request; + shb.lldap.ensureUsers.dad.password.request; } ``` diff --git a/modules/services/jellyfin/docs/default.md b/modules/services/jellyfin/docs/default.md index f49c28e..7ffacc8 100644 --- a/modules/services/jellyfin/docs/default.md +++ b/modules/services/jellyfin/docs/default.md @@ -92,8 +92,8 @@ Assuming it [has been set already][LLDAP block setup], add the following configu shb.jellyfin.ldap enable = true; host = "127.0.0.1"; - port = config.shb.ldap.ldapPort; - dcdomain = config.shb.ldap.dcdomain; + port = config.shb.lldap.ldapPort; + dcdomain = config.shb.lldap.dcdomain; adminPassword.result = config.shb.sops.secrets."jellyfin/ldap/adminPassword".result }; @@ -104,7 +104,7 @@ shb.sops.secrets."jellyfin/ldap/adminPassword" = { ``` The `shb.jellyfin.ldap.adminPasswordFile` must be the same -as the `shb.ldap.ldapUserPasswordFile` which is achieved +as the `shb.lldap.ldapUserPasswordFile` which is achieved with the `key` option. The other secrets can be randomly generated with `nix run nixpkgs#openssl -- rand -hex 64`. diff --git a/modules/services/pinchflat.nix b/modules/services/pinchflat.nix index a569157..6abaf52 100644 --- a/modules/services/pinchflat.nix +++ b/modules/services/pinchflat.nix @@ -138,7 +138,7 @@ in }; # This should be using a contract instead of setting the option directly. - shb.lldap = lib.mkIf config.shb.ldap.enable { + shb.lldap = lib.mkIf config.shb.lldap.enable { ensureGroups = { ${cfg.ldap.userGroup} = {}; }; };