From e869e5d7908e1b11316cdcdfd55e494a076e714a Mon Sep 17 00:00:00 2001
From: Jan-Bulthuis <git@bulthuis.dev>
Date: Mon, 9 Jun 2025 01:47:48 +0200
Subject: [PATCH] Setup kerberos config

---
 modules/nixos/domain.nix | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/modules/nixos/domain.nix b/modules/nixos/domain.nix
index cdf09d5..d0d2c87 100644
--- a/modules/nixos/domain.nix
+++ b/modules/nixos/domain.nix
@@ -59,6 +59,24 @@ in
       '';
     };
 
+    # Set up Kerberos
+    security.krb5 = {
+      enable = true;
+      settings = {
+        libdefaults = {
+          default_realm = domainUpper;
+          dns_lookup_realm = false;
+          dns_lookup_kdc = true;
+          rdns = false;
+        };
+        realms.${domainUpper} = { };
+        domain_realm = {
+          "${domain}" = domainUpper;
+          ".${domain}" = domainUpper;
+        };
+      };
+    };
+
     # Set up SSSD
     services.sssd = {
       enable = true;