Allow to restrict ldap domains users are allowed to use

Sandro Jäckel 2024-08-12 02:29:58 +02:00
parent 433520257a
commit e337ce91ff
No known key found for this signature in database
GPG Key ID: 3AF5A43A3EECC2E5
2 changed files with 10 additions and 0 deletions


@ -210,6 +210,15 @@ in
ldap = { ldap = {
enable = mkEnableOption "LDAP support"; enable = mkEnableOption "LDAP support";
domains = mkOption {
type = types.listOf types.str;
default = config.mailserver.domains;
example = ''[ "example.com" "example.org" ]'';
description = ''
Domains which ldap users are allowed to use.
'';
};
uris = mkOption { uris = mkOption {
type = types.listOf types.str; type = types.listOf types.str;
example = literalExpression '' example = literalExpression ''
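Review bot: The new `domains` option takes its default from `config.mailserver.domains` but declares no `defaultText`, so the generated option documentation has no stable text to show for it. Adding `defaultText = literalExpression "config.mailserver.domains";` is the usual fix. Its `example` is a bare string, while the `uris` option directly below wraps its example in `literalExpression`; `example = literalExpression ''[ "example.com" "example.org" ]'';` would match. Because this option limits which addresses LDAP users may hold, the description should also state what happens to addresses in unlisted domains and what an empty list means. The `ldap` attribute set continues outside the hunk.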


@ -150,6 +150,7 @@ let
tls_ca_cert_file = ${cfg.ldap.tlsCAFile} tls_ca_cert_file = ${cfg.ldap.tlsCAFile}
tls_require_cert = yes tls_require_cert = yes
domain = ${lib.concatStringsSep ", " cfg.ldap.domains}
search_base = ${cfg.ldap.searchBase} search_base = ${cfg.ldap.searchBase}
scope = ${cfg.ldap.searchScope} scope = ${cfg.ldap.searchScope}
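Review bot: An empty `cfg.ldap.domains` makes the added line render as `domain = ` with no value. If this template is a Postfix LDAP table, as the neighbouring `search_base` and `tls_require_cert` keys suggest, an unset `domain` means no restriction rather than "no domains". An administrator who sets `domains = [ ]` to lock LDAP users out would then get the opposite result. A module assertion such as `assertion = cfg.ldap.domains != [ ];` with a clear message, or omitting the line when the list is empty and documenting that, would close the gap. The list is also not checked against `mailserver.domains`, and the enclosing string starts and ends outside the hunk, so it is not visible here whether other LDAP consumers receive the same limit.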