added ldap config to mailman

2023-04-04 14:25:21 +02:00 · 2023-04-04 14:25:21 +02:00 · 12f1d690ba
parent d1fb1b3de1
commit 12f1d690ba
1 changed files with 18 additions and 0 deletions
--- a/modules/mailman.nix
+++ b/modules/mailman.nix
@ -1,5 +1,9 @@
 { config, ... }:
 {
+  sops.secrets.mailman_ldap_search = {
+    key = "portunus_search";
+    owner = config.services.mailman.webUser;
+  };
  services.mailman = {
    enable = true;
    serve.enable = true;
@ -7,5 +11,19 @@
    hyperkitty.enable = true;
    enablePostfix = true;
    siteOwner = "root@${config.fsr.domain}";
+    ldap = {
+      enable = true;
+      serverUri = "ldap://localhost";
+      bindDn = "uid=search, ou=users, dc=ifsr, dc=de";
+      bindPasswordFile = config.sops.secrets.mailman_ldap_search.path;
+      userSearch = {
+        ou = "ou=users, dc=ifsr, dc=de";
+        query = "(&(objectClass=posixAccount)(uid=%(user)s))";
+      };
+      groupSearch = {
+        ou = "ou=groups, dc=ifsr, dc=de";
+        query = "(objectClass=groupOfNames)";
+      };
+    };
  };
 }