nss_pam_oidc.example.toml

debug = true
auth_url = "https://ticdesk-dev.teckids.org/oauth/authorize/"
token_url = "https://ticdesk-dev.teckids.org/oauth/token/"

[pam]
client_id = "Df1cpPEBsbG64oZ1Q1L8NetH1UKNBUyA5qhxg1Zh"
client_secret = ""

[nss]
client_id = "z8Oz0tG56QRo9QEPUZTs5Eda410FMiJtYxlInxKE"
client_secret = ""

urls.passwd = "https://ticdesk-dev.teckids.org/app/nis/api/passwd/"

# The following configuration maps the attributes as returned by AlekSIS, as
# example onto a system that also has local accounts (thus mapping IDs and
# home directories).
maps.passwd = """
    {
        name: .username,
        # No passwords in passwd
        passwd: "x",
        # Map user and group IDs starting at 10000
        uid: (.uid + 10000),
        gid: (.primary_gid + 10000),
        # Append organisation name to Gecos field
        gecos: (.full_name + " (Teckids)"),
        # Remap /home from server to /srv/teckids locally
        dir: ("/srv/teckids/" + (.home_directory|ltrimstr("/home/"))),
        shell: .login_shell
    }
"""