aehostd
is a custom nss/pam daemon to work with Æ-DIR LDAP directories.
Authorized Entities Directory (Æ-DIR) is a Privileged Identity and Access Management (IAM/PIM/PAM) based on OpenLDAP
Main Objectives of AE-DIR
- Strictly follow need to know and least privilege principles
- Agile data maintenance by consequent delegation of manageable small areas
- Provide meaningful audit trails for compliance checks
- Secure defaults
Packaging aehostd
- currently preferably deployed with ansible roles - , as a first step, would get nixos into the range of deployable host systems under AE-DIR management. This is what personally motivates me.
The original author of AE-DIR would welcome such contribution and expressed willingness to support, if needed.
I’m completely new to Nix, and I would appreciate help and guidance of any sorts.
First questions first:
- Based on the ultimate chances of inclusion, should I fork nixpkgs and work towards a PR? (I’d actually prefer to upstream this)
- If I got a package done, how should I tackle / organize a companion module for it’s proper configuration?
- Should a module go in the same PR or separate?