From 5763692afd7dd80e85428f3f2f2c5ca2562f49d1 Mon Sep 17 00:00:00 2001
From: geemili <opensource@geemili.xyz>
Date: Sun, 31 Dec 2023 18:27:23 -0700
Subject: [PATCH] fix: create lldap user and group to ensure that it can access
 secrets

---
 configuration.nix | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/configuration.nix b/configuration.nix
index 9d0b1a4..7eb015f 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -124,6 +124,13 @@
     };
   };
 
+  # lldap LDAP authentication server
+  users.users.lldap = {
+    # allocates the `uid` in the range 100-999, which indicates to software like login managers that it should not be displayed to the user.
+    isSystemUser = true;
+    group = "lldap";
+  };
+  users.groups.lldap = {};
   services.lldap = {
     enable = true;
     settings = {
@@ -194,6 +201,8 @@
     };
   };
 
+  services.tailscale.enable = true;
+
   # Enable automatic upgrades
   system.autoUpgrade.enable = true;
   system.autoUpgrade.allowReboot = true;