I’m trying to configure a FreeRADIUS server with NixOS. FreeRADIUS is a bit hostile in this regard, because most of the configuration is part of the derivation and hardcodes paths to itself. Ideally, I only want to override parts of it, but this looks like a lot of painful hackery.
So I wonder whether anyone has already setup a FreeRADIUS server with NixOS and is willing to share a configuration example.
Yes, we’re running freeradius on nixos; our config module (based on one originally written by @andir) is unfortunately not public, since we’re hardcoding a lot of information specific to our deployment in it; but I’ll summarise — I think the top of our config should address your problems with referencing the package:
{ config, pkgs, lib, ... }:
let
pkg = pkgs.freeradius;
configText = ''
prefix = /dev/null
checkrad = ${pkg}/bin/checkrad
localstatedir = "/var/lib/freeradius"
sbindir = "${pkg}/sbin"
logdir = "/var/log/freeradius"
run_dir = "/run/radiusd"
libdir = "${pkg}/lib"
radacctdir = "''${logdir}/radacct"
pidfile = "/dev/null/var/run/radiusd/radiusd.pid"
# … log, client, thread pool, module, policy, and server config…
'';
in {
services.freeradius = {
enable = true;
configDir = pkgs.writeTextDir "radiusd.conf" configText;
};
}
Thanks. This is super helpful. I’ll give it a shot!