From b81cd980655012ba72be8b02daa5ee195ef1ce88 Mon Sep 17 00:00:00 2001
From: niten <niten@fudo.org>
Date: Fri, 29 Sep 2023 14:51:54 -0700
Subject: [PATCH] Okay, use LDAP bind-dn

---
 mail-server.nix | 22 +++++++++++-----------
 1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/mail-server.nix b/mail-server.nix
index c4f467f..4157fd0 100644
--- a/mail-server.nix
+++ b/mail-server.nix
@@ -114,16 +114,16 @@ in {
         description = "Token with which to authenticate to the Authentik host.";
       };
 
-      # bind-dn = mkOption {
-      #   type = str;
-      #   description = "DN as which to bind with the LDAP server.";
-      # };
+      bind-dn = mkOption {
+        type = str;
+        description = "DN as which to bind with the LDAP server.";
+      };
 
-      # bind-password-file = mkOption {
-      #   type = str;
-      #   description =
-      #     "File containing password with which to bind with the LDAP server.";
-      # };
+      bind-password-file = mkOption {
+        type = str;
+        description =
+          "File containing password with which to bind with the LDAP server.";
+      };
 
       base = mkOption {
         type = str;
@@ -240,8 +240,8 @@ in {
           (concatStringsSep "\n" [
             "uris = ldap://ldap-proxy:3389"
             "ldap_version = 3"
-            # "dn = ${cfg.ldap.bind-dn}"
-            # "dnpass = ${readFile cfg.ldap.bind-password-file}"
+            "dn = ${cfg.ldap.bind-dn}"
+            "dnpass = ${readFile cfg.ldap.bind-password-file}"
             "auth_bind = yes"
             "auth_bind_userdn = uid=%u,${cfg.ldap.member-ou},${cfg.ldap.base}"
             "base = ${cfg.ldap.base}"