aither/simple-nixos-mailserver
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

ldap: reorganize and regroup options

Browse Source 
Now that we have more experience with how we use the LDAP module options
we can make smarter decisions in how to organize them. We can also
explain much better what these options imply, which results in more
extensive option documentation.
This commit is contained in:
Martin Weinelt
2026-03-12 03:23:51 +01:00
parent 609fd80936
commit a87d01ea79
4 changed files with 86 additions and 53 deletions
Download Patch File Download Diff File Expand all files Collapse all files
mail-server/dovecot.nix
+3 -3
View File
@@ -71,12 +71,12 @@ let
tls = yes
''}
tls_require_cert = hard
tls_ca_cert_file = ${cfg.ldap.tlsCAFile}
tls_ca_cert_file = ${cfg.ldap.caFile}
dn = ${cfg.ldap.bind.dn}
sasl_bind = no
auth_bind = yes
base = ${cfg.ldap.searchBase}
scope = ${mkLdapSearchScope cfg.ldap.searchScope}
base = ${cfg.ldap.base}
scope = ${mkLdapSearchScope cfg.ldap.scope}
user_attrs = \
${ldapUuidAttribute}=${ldapUuidAttribute}, \
=home=/var/vmail/ldap/%{ldap:${ldapUuidAttribute}}, \
mail-server/postfix.nix
+5 -5
View File
@@ -209,11 +209,11 @@ let
server_host = ${lib.concatStringsSep " " cfg.ldap.uris}
start_tls = ${if cfg.ldap.startTls then "yes" else "no"}
version = 3
tls_ca_cert_file = ${cfg.ldap.tlsCAFile}
tls_ca_cert_file = ${cfg.ldap.caFile}
tls_require_cert = yes
search_base = ${cfg.ldap.searchBase}
scope = ${cfg.ldap.searchScope}
search_base = ${cfg.ldap.base}
scope = ${cfg.ldap.scope}
bind = yes
bind_dn = ${cfg.ldap.bind.dn}
@@ -222,7 +222,7 @@ let
ldapSenderLoginMap = pkgs.writeText "ldap-sender-login-map.cf" ''
${commonLdapConfig}
query_filter = ${cfg.ldap.postfix.filter}
result_attribute = ${cfg.ldap.postfix.mailAttribute}
result_attribute = ${cfg.ldap.attributes.mail}
'';
ldapSenderLoginMapFile = "/run/postfix/ldap-sender-login-map.cf";
appendPwdInSenderLoginMap = appendLdapBindPwd {
@@ -236,7 +236,7 @@ let
ldapVirtualMailboxMap = pkgs.writeText "ldap-virtual-mailbox-map.cf" ''
${commonLdapConfig}
query_filter = ${cfg.ldap.postfix.filter}
result_attribute = ${cfg.ldap.postfix.uidAttribute}
result_attribute = ${cfg.ldap.attributes.username}
'';
ldapVirtualMailboxMapFile = "/run/postfix/ldap-virtual-mailbox-map.cf";
appendPwdInVirtualMailboxMap = appendLdapBindPwd {