feat: add docfast.dev to openldap and mail

Dominik Polakovics Polakovics 2026-02-16 19:01:12 +01:00
parent 7763b90d3f
commit 473273146d
2 changed files with 64 additions and 14 deletions


@ -55,6 +55,10 @@ let
doveadm user *@scana11y.com | while read user; do doveadm user *@scana11y.com | while read user; do
doveadm -v sync -u $user $SERVER doveadm -v sync -u $user $SERVER
done done
doveadm user *@docfast.dev | while read user; do
doveadm -v sync -u $user $SERVER
done
''; '';
quotaWarning = pkgs.writeShellScriptBin "quota-warning.sh" '' quotaWarning = pkgs.writeShellScriptBin "quota-warning.sh" ''
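Review bot: The added docfast.dev loop passes `*@docfast.dev` and `$user` to the shell unquoted, so the wildcard is open to pathname expansion in the script's working directory, and a user name containing whitespace or a backslash would be split or altered by `read`. Quoting keeps the mask and the names intact: `doveadm user '*@docfast.dev' | while read -r user; do` and `doveadm -v sync -u "$user" "$SERVER"`. The scana11y.com loop above it has the same form, and the script starts and ends outside the hunk, so a single `for` over the domain list would fix every copy at once.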


@ -1,11 +1,11 @@
{ { pkgs
pkgs, , config
config, , ...
...
}: }:
let let
domain = config.networking.domain; domain = config.networking.domain;
in { in
{
services.openldap = { services.openldap = {
enable = true; enable = true;
@ -33,7 +33,7 @@ in {
]; ];
"olcDatabase={1}mdb".attrs = { "olcDatabase={1}mdb".attrs = {
objectClass = ["olcDatabaseConfig" "olcMdbConfig"]; objectClass = [ "olcDatabaseConfig" "olcMdbConfig" ];
olcDatabase = "{1}mdb"; olcDatabase = "{1}mdb";
olcDbDirectory = "/var/lib/openldap/data"; olcDbDirectory = "/var/lib/openldap/data";
@ -101,7 +101,7 @@ in {
# }; # };
"olcDatabase={2}monitor".attrs = { "olcDatabase={2}monitor".attrs = {
olcDatabase = "{2}monitor"; olcDatabase = "{2}monitor";
objectClass = ["olcDatabaseConfig" "olcMonitorConfig"]; objectClass = [ "olcDatabaseConfig" "olcMonitorConfig" ];
olcAccess = [ olcAccess = [
'' ''
{0}to * {0}to *
@ -112,7 +112,7 @@ in {
}; };
"olcDatabase={4}mdb".attrs = { "olcDatabase={4}mdb".attrs = {
objectClass = ["olcDatabaseConfig" "olcMdbConfig"]; objectClass = [ "olcDatabaseConfig" "olcMdbConfig" ];
olcDatabase = "{4}mdb"; olcDatabase = "{4}mdb";
olcDbDirectory = "/var/lib/openldap/data"; olcDbDirectory = "/var/lib/openldap/data";
@ -158,7 +158,7 @@ in {
"olcDatabase={6}mdb".attrs = { "olcDatabase={6}mdb".attrs = {
objectClass = ["olcDatabaseConfig" "olcMdbConfig"]; objectClass = [ "olcDatabaseConfig" "olcMdbConfig" ];
olcDatabase = "{6}mdb"; olcDatabase = "{6}mdb";
olcDbDirectory = "/var/lib/openldap/data"; olcDbDirectory = "/var/lib/openldap/data";
@ -203,7 +203,7 @@ in {
# }; # };
"olcDatabase={7}mdb".attrs = { "olcDatabase={7}mdb".attrs = {
objectClass = ["olcDatabaseConfig" "olcMdbConfig"]; objectClass = [ "olcDatabaseConfig" "olcMdbConfig" ];
olcDatabase = "{7}mdb"; olcDatabase = "{7}mdb";
olcDbDirectory = "/var/lib/openldap/data"; olcDbDirectory = "/var/lib/openldap/data";
@ -249,7 +249,7 @@ in {
# }; # };
"olcDatabase={8}mdb".attrs = { "olcDatabase={8}mdb".attrs = {
objectClass = ["olcDatabaseConfig" "olcMdbConfig"]; objectClass = [ "olcDatabaseConfig" "olcMdbConfig" ];
olcDatabase = "{8}mdb"; olcDatabase = "{8}mdb";
olcDbDirectory = "/var/lib/openldap/data"; olcDbDirectory = "/var/lib/openldap/data";
@ -285,7 +285,7 @@ in {
}; };
"olcDatabase={9}mdb".attrs = { "olcDatabase={9}mdb".attrs = {
objectClass = ["olcDatabaseConfig" "olcMdbConfig"]; objectClass = [ "olcDatabaseConfig" "olcMdbConfig" ];
olcDatabase = "{9}mdb"; olcDatabase = "{9}mdb";
olcDbDirectory = "/var/lib/openldap/data"; olcDbDirectory = "/var/lib/openldap/data";
@ -320,6 +320,52 @@ in {
]; ];
}; };
"olcDatabase={10}mdb".attrs = {
objectClass = [ "olcDatabaseConfig" "olcMdbConfig" ];
olcDatabase = "{10}mdb";
olcDbDirectory = "/var/lib/openldap/data";
olcSuffix = "dc=docfast,dc=dev";
olcAccess = [
''
{0}to attrs=userPassword
by self write
by anonymous auth
by dn="cn=owncloud,ou=system,ou=users,dc=cloonar,dc=com" write
by dn="cn=authelia,ou=system,ou=users,dc=cloonar,dc=com" write
by dn.subtree="ou=system,ou=users,dc=cloonar,dc=com" read
by group.exact="cn=Administrators,ou=groups,dc=cloonar,dc=com" write
by * none
''
''
{1}to attrs=pgpPublicKey
by self write
by anonymous read
by dn.subtree="ou=system,ou=users,dc=cloonar,dc=com" read
by group.exact="cn=Administrators,ou=groups,dc=cloonar,dc=com" write
by * read
''
''
{2}to *
by dn.subtree="ou=system,ou=users,dc=cloonar,dc=com" read
by group.exact="cn=Administrators,ou=groups,dc=cloonar,dc=com" write
by * read
''
];
};
"olcOverlay=memberof,olcDatabase={10}mdb".attrs = {
objectClass = [ "olcOverlayConfig" "olcMemberOf" ];
olcOverlay = "memberof";
olcMemberOfRefint = "TRUE";
};
"olcOverlay=ppolicy,olcDatabase={10}mdb".attrs = {
objectClass = [ "olcOverlayConfig" "olcPPolicyConfig" ];
olcOverlay = "ppolicy";
olcPPolicyHashCleartext = "TRUE";
};
# "cn=module{0},cn=config" = { # "cn=module{0},cn=config" = {
# attrs = { # attrs = {
# objectClass = "olcModuleList"; # objectClass = "olcModuleList";
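Review bot: In the new `olcDatabase={10}mdb` block, rule `{0}to attrs=userPassword` grants `read` to `dn.subtree="ou=system,ou=users,dc=cloonar,dc=com"`, which lets every service account under that subtree fetch the docfast.dev password hashes, although verifying a password only needs the `by anonymous auth` line already present. Unless a consumer really needs the stored hash (not visible here), drop that line or narrow it to the one DN that does. Rule `{2}to *` ends in `by * read`, and `*` includes unauthenticated clients, so every non-password attribute of the new tree is readable anonymously wherever slapd is reachable; `by users read` followed by `by * none` keeps lookups working for bound clients. The older databases may carry the same ACLs outside the visible hunks, in which case the change belongs there too.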