Merge branch 'ldap-domains' into 'master'

Allow to restrict ldap domains users are allowed to use

See merge request simple-nixos-mailserver/nixos-mailserver!397
Sandro 2025-05-21 16:58:02 +02:00
commit 5f8a505e9f
2 changed files with 10 additions and 0 deletions


@ -210,6 +210,15 @@ in
ldap = {
enable = mkEnableOption "LDAP support";
domains = mkOption {
type = types.listOf types.str;
default = config.mailserver.domains;
example = ''[ "example.com" "example.org" ]'';
description = ''
Domains which ldap users are allowed to use.
'';
};
uris = mkOption {
type = types.listOf types.str;
example = literalExpression ''
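Review bot: The new `domains` option sets `default = config.mailserver.domains;` without a `defaultText`, and gives `example` as a plain `''…''` string, while the neighbouring `uris` option uses `literalExpression`. As written, the generated option docs have no readable default and show the example as a quoted string instead of a list. I would add `defaultText = literalExpression "config.mailserver.domains";` and write `example = [ "example.com" "example.org" ];`. Because this option is an access restriction, the description should also say what enforces it and what happens for a domain that is not listed, for example `Domains for which LDAP lookups are performed; addresses in other domains are not resolved through LDAP.`, if that matches the intent. The `ldap` attribute set starts and ends outside this hunk.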


@ -150,6 +150,7 @@ let
tls_ca_cert_file = ${cfg.ldap.tlsCAFile}
tls_require_cert = yes
domain = ${lib.concatStringsSep ", " cfg.ldap.domains}
search_base = ${cfg.ldap.searchBase}
scope = ${cfg.ldap.searchScope}
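Review bot: An empty `cfg.ldap.domains` renders the added line as `domain = ` with no value. Postfix's ldap_table documentation gives the default for `domain` as no domain list, so an empty list most likely lifts the restriction instead of denying every domain. The option defaults to `config.mailserver.domains`, so the same fail-open result would occur if that list is ever empty. I would either declare the option as `types.nonEmptyListOf types.str`, or emit the line only when the list is non-empty and document that an empty list means unrestricted. The enclosing config string starts and ends outside the hunk, so it is not visible which LDAP maps pick up this setting or whether the IMAP/auth side applies the same domain limit.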