From 4f5137c6b90d195dc0451813a6ba6be0f7a62779 Mon Sep 17 00:00:00 2001
From: tenksom
Date: Tue, 7 Mar 2023 13:06:24 +0100
Subject: [PATCH] Adding ldap, nginx, postgresql config in SOGo
---
 modules/sogo.nix | 50 ++++++++++++++++++++++++++++++++++++++----------
 1 file changed, 40 insertions(+), 10 deletions(-)
diff --git a/modules/sogo.nix b/modules/sogo.nix
index 91b2797..1931c59 100644
--- a/modules/sogo.nix
+++ b/modules/sogo.nix
@@ -1,15 +1,20 @@
 {config, pkgs, ... }:
 let
- hostname = "webmail.${config.fsr.domain}";
+ SOGo-hostname = "mail.${config.fsr.domain}";
 domain = config.fsr.domain;
-
 in
 {
+ sops.secrets.sogo_ldap_search = {
+ key = "portunus_search";
+ # owner = config.systemd.services keine Ahnung was hier hin soll
+
+
+ };
 services = {
 sogo = {
 enable = true;
 language = "German";
- extraConfig = "
+ extraConfig = ''
 WOWorkersCount = 10;
 SOGoUserSources = ({
 type = ldap;
@@ -17,15 +22,40 @@ in
 UIDFieldName = uid;
 baseDN = "ou = users, dc=ifsr, dc=de";
 bindDN = "uid=search, ou=users, dc=ifsr, dc=de";
- bindPassword = qwertz;
+ bindPassword = ${config.sops.secrets.SOGo_ldap_search.path};
 hostname = "ldap://localhost";
- });
+ canAuthenticate = YES;
+ id = directory;
+
+ });
+ SOGoProfileURL = "postgresql://sogo:sogo@localhost:5432/
- ";
- }
+ ''; # Hier ist bindPassword noch nicht vollständig
+ };
 postgresql = {
- enable = true;
- }
+ ensureUsers = [{
+ name = "SOGo";
+ }];
+ ensureDatabases = [ "SOGo" ];
+ };
+
+ nginx = {
+ recommendedProxySettings = true;
+ virtualHosts."${SOGo-hostname}" = {
+ forceSSL = true;
+ enableACME = true;
+ locations = {
+ "/" = {
+ proxyPass = "http://127.0.0.1:443";
+ proxyWebsockets = true;
+ };
+ };
- }
+
+
+
+ };
+
+ };
+}
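Review bot: With `owner` left commented out in `sops.secrets.sogo_ldap_search`, sops-nix falls back to its default of a root-owned, mode 0400 file, so a SOGo process running under its own account would not be able to read the bind password. Set the owner explicitly, for example `owner = config.users.users.sogo.name;` (this assumes the NixOS module's service account is named `sogo`; confirm against the module), and remove the placeholder comment once that is settled. Keeping the file readable by that one account only is the least-privilege setting here. The `SOGoUserSources` entry that consumes this secret continues past the end of the hunk.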
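Review bot: `bindPassword = ${config.sops.secrets.SOGo_ldap_search.path};` writes the secret file's path into the SOGo config, so SOGo would bind with the path string as its password. The attribute name also differs in case from the `sogo_ldap_search` secret declared in the first hunk, which would be expected to fail evaluation as a missing attribute. The NixOS module's `configReplaces` option covers this case: use a placeholder such as `bindPassword = LDAP_BINDPW;` and set `configReplaces.LDAP_BINDPW = config.sops.secrets.sogo_ldap_search.path;`, so the value is substituted when the service starts and never lands in the world-readable Nix store. The added `SOGoProfileURL` line has the same store-exposure problem with its inline `sogo:sogo` credentials, is left without a closing quote, database path or `;`, and names a `sogo` user while `ensureUsers` creates `SOGo`. `proxyPass = "http://127.0.0.1:443"` sends plain HTTP to the TLS port that `forceSSL = true` makes this same vhost listen on, so requests would presumably loop back into nginx; it should target SOGo's own local listener instead. The hunk begins inside the `extraConfig` string opened in the previous hunk.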