move ldap config to secret

2025-07-26 18:21:25 +10:00 · 2025-07-26 18:21:25 +10:00 · cd22f78e16
commit cd22f78e16
parent 642a10b289
1 changed files with 6 additions and 10 deletions
--- a/deployments/home-server/dovecot.yaml
+++ b/deployments/home-server/dovecot.yaml
@ -39,14 +39,6 @@ data:
        ssl = yes
      }
    }
-  ldap.conf: |
-    hosts = ldap://auth.hxme.net
-    auth_bind = yes
-    base = dc=ldap,dc=goauthentik,dc=io
-    dn = cn=binduser,ou=service-accounts,dc=ldap,dc=goauthentik,dc=io
-    dnpass = FtaJpthRpKyhEEy69H5qxPymtSeSeuCT9SQCdXmWDeAe7cgTCnk6HXpSzTNS
-    user_attrs = =home=/data/%u
-    user_filter = (&(objectClass=person)(uid=%u))

 ---
 apiVersion: apps/v1
@ -73,6 +65,10 @@ spec:
          volumeMounts:
            - name: config
              mountPath: /config/
+            - name: ldap-config
+              mountPath: /config/ldap.conf
+              subPath: ldap.conf
+              readOnly: true
            - name: certs
              mountPath: /etc/ssl/hxme
              readOnly: true
@ -81,8 +77,8 @@ spec:
          configMap:
            name: dovecot-config
        - name: ldap
-          configMap:
-            name: dovecot-ldap
+          secret:
+            secretName: dovecot-ldap
        - name: tls
          secret:
            secretName: wildcard-hxme-net