From 519a85a801c84341f0d007af86734ba2b5780a24 Mon Sep 17 00:00:00 2001
From: Charlotte Van Petegem <charlotte@vanpetegem.me>
Date: Fri, 30 May 2025 12:49:02 +0000
Subject: [PATCH] Fix assertion for ldap mail directory

---
 mail-server/assertions.nix | 28 ++++++++++++++--------------
 1 file changed, 14 insertions(+), 14 deletions(-)

diff --git a/mail-server/assertions.nix b/mail-server/assertions.nix
index deabe03..a2749a0 100644
--- a/mail-server/assertions.nix
+++ b/mail-server/assertions.nix
@@ -1,20 +1,7 @@
 { config, lib, ... }:
 {
   assertions = [
-    {
-      assertion = config.mailserver.stateVersion < 2
-        && config.mailserver.ldap.enable
-        && config.mailserver.mailDirectory != "/var/vmail";
-      message = ''
-        Issue: The dovecot homedir for LDAP users was previously not respecting `mailserver.mailDirectory`.
-        Remediation:
-          - Stop the `dovecot2.service`
-          - Move `/var/vmail/ldap` below your `mailserver.mailDirectory`
-          - Increase the `stateVersion` to 2.
-
-        Check https://nixos-mailserver.readthedocs.io/en/latest/migrations.html#ldap-home-directory-migration for more information.
-      ''; 
-    }
+    
   ] ++ lib.optionals config.mailserver.enable [
     {
       assertion = config.mailserver.stateVersion != null;
@@ -29,6 +16,19 @@
       assertion = config.mailserver.extraVirtualAliases == {};
       message = "When the LDAP support is enable (mailserver.ldap.enable = true), it is not possible to define mailserver.extraVirtualAliases";
     }
+  ] ++ lib.optionals (config.mailserver.ldap.enable && config.mailserver.mailDirectory != "/var/vmail") [
+    {
+      assertion = config.mailserver.stateVersion >= 2;
+      message = ''
+        Issue: The dovecot homedir for LDAP users was previously not respecting `mailserver.mailDirectory`.
+        Remediation:
+          - Stop the `dovecot2.service`
+          - Move `/var/vmail/ldap` below your `mailserver.mailDirectory`
+          - Increase the `stateVersion` to 2.
+
+        Check https://nixos-mailserver.readthedocs.io/en/latest/migrations.html#ldap-home-directory-migration for more information.
+      ''; 
+    }
   ] ++ lib.optionals (config.mailserver.enable && config.mailserver.certificateScheme != "acme") [
     {
       assertion = config.mailserver.acmeCertificateName == config.mailserver.fqdn;