sp-config/sp-modules/simple-nixos-mailserver/common.nix

{ config, pkgs, ... }:
rec {
  auth-passthru = config.selfprivacy.passthru.auth;
  domain = config.selfprivacy.domain;
  group = "dovecot2";
  is-auth-enabled =
    config.selfprivacy.modules.simple-nixos-mailserver.enableSso
    && config.selfprivacy.sso.enable;

  appendSetting =
    { name, file, prefix, suffix ? "", passwordFile, destination }:
    pkgs.writeScript "append-ldap-bind-pwd-in-${name}" ''
      #!${pkgs.stdenv.shell}
      set -euo pipefail

      baseDir=$(dirname ${destination})
      if (! test -d "$baseDir"); then
        mkdir -p $baseDir
        chmod 755 $baseDir
      fi

      cat ${file} > ${destination}
      echo -n '${prefix}' >> ${destination}
      cat ${passwordFile} >> ${destination}
      echo -n '${suffix}' >> ${destination}
      chmod 600 ${destination}
    '';
}
chore: restructure LDAP related nix files 2024-12-26 18:27:25 +04:00			`{ config, pkgs, ... }:`
auth: ldap-dovecot.nix, clean code 2024-12-20 18:41:07 +04:00			`rec {`
passthru.selfprivacy -> selfprivacy.passthru 2025-02-03 00:57:08 +04:00			`auth-passthru = config.selfprivacy.passthru.auth;`
auth: ldap-dovecot.nix, clean code 2024-12-20 18:41:07 +04:00			`domain = config.selfprivacy.domain;`
roundcube & mailserver: fix oauth: mailserver is an OAuth secret donor Both of them use the same client ID and client secret, but Roundcube depends on mailserver generally, so mailserver is the one to share OAuth client id and secret. 2025-01-31 14:31:09 +04:00			`group = "dovecot2";`
merge auth SP module into main configuration; add `enableSso` option `enableSso` is being added to the following SP modules: * gitea (forgejo) * nextcloud * roundcube * simple-nixos-mailserver 2025-01-29 18:17:17 +04:00			`is-auth-enabled =`
add options: selfprivacy.sso.enable && selfprivacy.sso.debug selfprivacy.sso.enable is true by default. 2025-02-03 01:35:21 +04:00			`config.selfprivacy.modules.simple-nixos-mailserver.enableSso`
			`&& config.selfprivacy.sso.enable;`
auth: ldap-dovecot.nix, clean code 2024-12-20 18:41:07 +04:00
roundcube & mailserver: fix oauth: mailserver is an OAuth secret donor Both of them use the same client ID and client secret, but Roundcube depends on mailserver generally, so mailserver is the one to share OAuth client id and secret. 2025-01-31 14:31:09 +04:00			`appendSetting =`
auth: ldap-dovecot.nix, clean code 2024-12-20 18:41:07 +04:00			`{ name, file, prefix, suffix ? "", passwordFile, destination }:`
			`pkgs.writeScript "append-ldap-bind-pwd-in-${name}" ''`
			`#!${pkgs.stdenv.shell}`
			`set -euo pipefail`

			`baseDir=$(dirname ${destination})`
			`if (! test -d "$baseDir"); then`
			`mkdir -p $baseDir`
			`chmod 755 $baseDir`
			`fi`

			`cat ${file} > ${destination}`
			`echo -n '${prefix}' >> ${destination}`
			`cat ${passwordFile} >> ${destination}`
			`echo -n '${suffix}' >> ${destination}`
			`chmod 600 ${destination}`
			`'';`
			`}`