auth: ldap-dovecot.nix, clean code

sp-modules/auth/common.nix

@@ -0,0 +1,35 @@
+{ config, lib, pkgs, ... }:
+rec {
+  domain = config.selfprivacy.domain;
+  cfg = config.selfprivacy.modules.auth;
+  passthru = config.passthru.selfprivacy.auth;
+  auth-fqdn = cfg.subdomain + "." + domain;
+
+  kanidm_ldap_port = 3636;
+
+  # e.g. "dc=mydomain,dc=com"
+  ldap_base_dn =
+    lib.strings.concatMapStringsSep
+      ","
+      (x: "dc=" + x)
+      (lib.strings.splitString "." domain);
+
+  appendLdapBindPwd =
+    { name, file, prefix, suffix ? "", passwordFile, destination }:
+    pkgs.writeScript "append-ldap-bind-pwd-in-${name}" ''
+      #!${pkgs.stdenv.shell}
+      set -euo pipefail
+
+      baseDir=$(dirname ${destination})
+      if (! test -d "$baseDir"); then
+        mkdir -p $baseDir
+        chmod 755 $baseDir
+      fi
+
+      cat ${file} > ${destination}
+      echo -n '${prefix}' >> ${destination}
+      cat ${passwordFile} >> ${destination}
+      echo -n '${suffix}' >> ${destination}
+      chmod 600 ${destination}
+    '';
+}