diff --git a/machines/nixos/vault01/k-radius/default.nix b/machines/nixos/vault01/k-radius/default.nix index 1df66f8..0c27125 100644 --- a/machines/nixos/vault01/k-radius/default.nix +++ b/machines/nixos/vault01/k-radius/default.nix @@ -40,16 +40,13 @@ radius_required_groups = [ "radius_access@sso.dgnum.eu" ]; # A mapping between Kanidm groups and VLANS - radius_groups = [ + radius_groups = map ( + { vlan, ... }: { - spn = "dgnum_members@sso.dgnum.eu"; - vlan = 1; + inherit vlan; + spn = "vlan_${toString vlan}@sso.dgnum.eu"; } - { - spn = "dgnum_clients@sso.dgnum.eu"; - vlan = 2; - } - ]; + ) config.networking.vlans-info; }; authTokenFile = config.age.secrets."radius-auth_token_file".path;