Conversation

Notices

1. Embed this notice
   Amber (puppygirlhornypost2@transfem.social)'s status on Saturday, 12-Oct-2024 04:09:59 JST Amber

   • Stefano Marinelli

   @stefano@mastodon.bsd.cafe Do you or anyone at the bsd cafe have any write ups/blogposts for NIS? I'm aware of https://docs.freebsd.org/en/books/handbook/network-servers/#network-nis but I was curious if someone also spent time to do a write up about their experience with it compared to other solutions like directory 389 and Windows Active Directory. I am slowly becoming more bsd inclined. My infrastructure relies on multiple vms right now and I'd love to setup NIS with OpenLDAP to control groups between my linux hosts for the instance. (we have a separate postgres vm, a separate vm for nginx/haproxy and so forth). Thinking NIS might be perfect here and I can use the need as an excuse to learn more about NIS and how it operates

   • Embed this notice
     feld (feld@friedcheese.us)'s status on Saturday, 12-Oct-2024 04:09:56 JST feld

     in reply to

     • Stefano Marinelli
     @puppygirlhornypost2 @stefano I don't know of anyone even trying to do NIS these days. Instead I'd expect to see OpenLDAP + Kerberos and some custom tooling to sync data from LDAP onto the filesystem. Like this is how at previous job we handled ssh keys. Every server's SSH keys were stored in its computer account in LDAP, and a script would distribute them to all systems so whenever you ssh to a server you are never asked to accept a key -- your computer already knows it
   • Embed this notice
     Amber (puppygirlhornypost2@transfem.social)'s status on Saturday, 12-Oct-2024 04:09:57 JST Amber

     in reply to

     • Stefano Marinelli

     @stefano@mastodon.bsd.cafe I’m curious by what the handbook means when it says "sync configs". Of course there’s an OpenLDAP section below, which makes me believe it’s not just syncing users and their corresponding groups. If I could do something like sync /etc/skel between hosts that’d be pretty cool. I remember I once set up an ubuntu server that made each account have zsh as the default shell with a barebones zshrc consisting of antigen plugins to make it feel a bit like fish with syntax highlighting. I mean sure I have terraform and ansible but one of bsd’s appeals to me is how homogenized userspace utilities are. They all work together instead of feeling like I have to hack them all to deal with various quirks.

   • Embed this notice
     Stefano Marinelli (stefano@mastodon.bsd.cafe)'s status on Saturday, 12-Oct-2024 04:09:59 JST Stefano Marinelli

     in reply to

     @puppygirlhornypost2 I've never used it, so I can't help. But boosting, hoping that someone will be able to give you some hints!