From ef4756bcfc8a6791adbcae2b32f87e2f0a00525d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= Date: Sat, 13 Apr 2024 16:08:58 +0200 Subject: [PATCH] Quote ldap password Otherwise special characters like # do not work --- mail-server/common.nix | 5 +++-- mail-server/dovecot.nix | 3 ++- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/mail-server/common.nix b/mail-server/common.nix index 236530b..edea7f0 100644 --- a/mail-server/common.nix +++ b/mail-server/common.nix @@ -49,7 +49,7 @@ in # Appends the LDAP bind password to files to avoid writing this # password into the Nix store. appendLdapBindPwd = { - name, file, prefix, passwordFile, destination + name, file, prefix, suffix ? "", passwordFile, destination }: pkgs.writeScript "append-ldap-bind-pwd-in-${name}" '' #!${pkgs.stdenv.shell} set -euo pipefail @@ -61,8 +61,9 @@ in fi cat ${file} > ${destination} - echo -n "${prefix}" >> ${destination} + echo -n '${prefix}' >> ${destination} cat ${passwordFile} >> ${destination} + echo -n '${suffix}' >> ${destination} chmod 600 ${destination} ''; diff --git a/mail-server/dovecot.nix b/mail-server/dovecot.nix index 6459846..a6251fd 100644 --- a/mail-server/dovecot.nix +++ b/mail-server/dovecot.nix @@ -90,7 +90,8 @@ let setPwdInLdapConfFile = appendLdapBindPwd { name = "ldap-conf-file"; file = ldapConfig; - prefix = "dnpass = "; + prefix = ''dnpass = "''; + suffix = ''"''; passwordFile = cfg.ldap.bind.passwordFile; destination = ldapConfFile; };