add options: selfprivacy.sso.enable && selfprivacy.sso.debug

selfprivacy.sso.enable is true by default.

sp-modules/gitea/module.nix

@@ -14,7 +14,7 @@ let
     "gitea-light"
     "gitea-dark"
   ];
-  is-auth-enabled = cfg.enableSso;
+  is-auth-enabled = cfg.enableSso && config.selfprivacy.sso.enable;
   oauth-client-id = "forgejo";
   auth-passthru = config.selfprivacy.passthru.auth;
   oauth2-provider-name = auth-passthru.oauth2-provider-name;

sp-modules/nextcloud/module.nix

@@ -12,7 +12,7 @@ let
   hostName = "${cfg.subdomain}.${sp.domain}";
   auth-passthru = config.selfprivacy.passthru.auth;
   cfg = sp.modules.nextcloud;
-  is-auth-enabled = cfg.enableSso;
+  is-auth-enabled = cfg.enableSso && config.selfprivacy.sso.enable;
   ldap_scheme_and_host = "ldaps://${auth-passthru.ldap-host}";
 
   occ = "${config.services.nextcloud.occ}/bin/nextcloud-occ";

sp-modules/roundcube/module.nix

@@ -2,7 +2,7 @@
 let
   domain = config.selfprivacy.domain;
   cfg = config.selfprivacy.modules.roundcube;
-  is-auth-enabled = cfg.enableSso;
+  is-auth-enabled = cfg.enableSso && config.selfprivacy.sso.enable;
   auth-passthru = config.selfprivacy.passthru.auth;
   auth-fqdn = auth-passthru.auth-fqdn;
   sp-module-name = "roundcube";

sp-modules/simple-nixos-mailserver/common.nix

@@ -4,7 +4,8 @@ rec {
   domain = config.selfprivacy.domain;
   group = "dovecot2";
   is-auth-enabled =
-    config.selfprivacy.modules.simple-nixos-mailserver.enableSso;
+    config.selfprivacy.modules.simple-nixos-mailserver.enableSso
+    && config.selfprivacy.sso.enable;
 
   appendSetting =
     { name, file, prefix, suffix ? "", passwordFile, destination }: