Join GitHub today
GitHub is home to over 50 million developers working together to host and review code, manage projects, and build software together.Sign up
nixos/openldap: add option for configuring OpenLDAP package to use #91963
Motivation for this change
In certain cases, for example when custom OpenLDAP modules are
This is especially common in setups where LDAP is the primary
Concretely this came up because we have enabled the Argos2 module in a deployment and the only way to update the OpenLDAP package was via an override in the package set, which causes extremely widespread rebuilds (as packages such as Python or GPG depend on OpenLDAP).
ciil left a comment
Seems reasonable overall, but I'd really like the documentation to be very clear here what this option does, because it's not like there are multiple openldap packages (like specific versions or open/closed source alternatives) in standard nixpkgs so this might confuse some people.
In certain cases, for example when custom OpenLDAP modules are compiled into the binary, users may want to override the package used for OpenLDAP. This is especially common in setups where LDAP is the primary authentication source, as good password hashing mechanisms need to be enabled as extra modules.