lyes/nixfiles
1
0
Fork 0
Code Issues Pull requests Activity Actions

Adding taf ldap conf

Browse source
This commit is contained in:
Lyes Saadi 2025-10-13 16:14:51 +02:00
parent 6bb2c91a2f
commit 960500b2d7
Signed by: lyes
GPG key ID: 55A1D803917CF39A
3 changed files with 41 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

41
modules/server/taf/default.nix
View file

@ -1,4 +1,4 @@
{ ... }: { config, ... }:
{ {
mailserver = { mailserver = {
@ -15,6 +15,26 @@
ldap = { ldap = {
enable = true; enable = true;
uris = [ "ldaps://" ];
searchBase = "dc=auth,dc=lyes,dc=eu";
searchScope = "sub";
bind = {
dn = "dn=token,dc=auth,dc=lyes,dc=eu";
passwordFile = config.age.secrets.taf-token.path;
};
dovecot = {
userFilter = "(mail=%u)";
passFilter = "(mail=%u)";
};
postfix = {
filter = "(mail=%s)";
mailAttribute = "mail";
uidAttribute = "name";
};
}; };
extraVirtualAliases = { extraVirtualAliases = {
@ -23,4 +43,23 @@
certificateScheme = "acme-nginx"; certificateScheme = "acme-nginx";
}; };
services.roundcube = {
enable = true;
hostName = "mail.lyes.eu";
extraConfig = ''
$config['smtp_host'] = "tls://taf.lyes.eu";
$config['smtp_port'] = 587;
$config['smtp_user'] = "%u";
$config['smtp_pass'] = "%p";
'';
};
age.secrets = {
taf-token = {
owner = "postfix";
file = ../../../secrets/zora/services/taf-token.age;
};
};
} }

1
secrets.nix
View file

@ -12,4 +12,5 @@ in
# Zora # Zora
"secrets/zora/services/kanidm-admin-password.age".publicKeys = all; "secrets/zora/services/kanidm-admin-password.age".publicKeys = all;
"secrets/zora/services/kanidm-idm-admin-password.age".publicKeys = all; "secrets/zora/services/kanidm-idm-admin-password.age".publicKeys = all;
"secrets/zora/services/taf-token.age".publicKeys = all;
} }

BIN
secrets/zora/services/taf-token.age Normal file
View file

Binary file not shown.