implement OAuth support

Christian Ulrich 2024-10-31 16:58:53 +01:00
parent af7d3bf5da
commit 85c7a13692
No known key found for this signature in database
GPG Key ID: 8241BE099775A097
2 changed files with 24 additions and 1 deletions


@ -358,6 +358,21 @@ in
}; };
}; };
oauth = {
enable = mkEnableOption "OAuth 2.0 support";
backendConfigFile = mkOption {
type = types.path;
default = null;
description = ''
Path to the dovecot backend configuration file. See
https://doc.dovecot.org/2.3/configuration_manual/authentication/oauth2/
for more information.
'';
example = "/var/lib/dovecot/dovecot-oauth2.conf.ext";
};
};
indexDir = mkOption { indexDir = mkOption {
type = types.nullOr types.str; type = types.nullOr types.str;
default = null; default = null;
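Review bot: `backendConfigFile` is declared with `type = types.path;` and `default = null;`, but null is not a valid value of that type, so enabling `oauth` without setting the file fails with a type error on the default instead of a message that names the missing setting. Either drop the `default = null;` line so the module system reports the option as used but not defined, or declare `type = types.nullOr types.path;` and add an assertion that the file is set whenever `oauth.enable` is true.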


@ -324,6 +324,14 @@ in
} }
''} ''}
${lib.optionalString cfg.oauth.enable ''
passdb {
driver = oauth2
mechanisms = xoauth2 oauthbearer
args = ${cfg.oauth.backendConfigFile}
}
''}
service auth { service auth {
unix_listener auth { unix_listener auth {
mode = 0660 mode = 0660
@ -332,7 +340,7 @@ in
} }
} }
auth_mechanisms = plain login auth_mechanisms = plain login${lib.optionalString cfg.oauth.enable " oauthbearer xoauth2"}
namespace inbox { namespace inbox {
separator = ${cfg.hierarchySeparator} separator = ${cfg.hierarchySeparator}
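Review bot: The `args = ${cfg.oauth.backendConfigFile}` line in the new `passdb` block interpolates an option typed `types.path`, so a Nix path literal supplied by the user would be copied into the world-readable /nix/store and dovecot would read that copy. The Dovecot oauth2 backend file can hold credentials for the token introspection endpoint, so the copy is worth ruling out. Typing the option as `types.str`, or stating in its description that the value must be a string path outside the store and readable only by the dovecot auth user, would avoid it. The configuration string this block sits in starts and ends outside these hunks, so the ordering of this passdb relative to the existing ones cannot be checked from here.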