From cd22f78e167f8a897a0e2cafc3db8875fbd95ccb Mon Sep 17 00:00:00 2001
From: j <repobase@j7b.net>
Date: Sat, 26 Jul 2025 18:21:25 +1000
Subject: [PATCH] move ldap config to secret

---
 deployments/home-server/dovecot.yaml | 16 ++++++----------
 1 file changed, 6 insertions(+), 10 deletions(-)

diff --git a/deployments/home-server/dovecot.yaml b/deployments/home-server/dovecot.yaml
index facd31c..0f49048 100644
--- a/deployments/home-server/dovecot.yaml
+++ b/deployments/home-server/dovecot.yaml
@@ -39,14 +39,6 @@ data:
         ssl = yes
       }
     }
-  ldap.conf: |
-    hosts = ldap://auth.hxme.net
-    auth_bind = yes
-    base = dc=ldap,dc=goauthentik,dc=io
-    dn = cn=binduser,ou=service-accounts,dc=ldap,dc=goauthentik,dc=io
-    dnpass = FtaJpthRpKyhEEy69H5qxPymtSeSeuCT9SQCdXmWDeAe7cgTCnk6HXpSzTNS
-    user_attrs = =home=/data/%u
-    user_filter = (&(objectClass=person)(uid=%u))
 
 ---
 apiVersion: apps/v1
@@ -73,6 +65,10 @@ spec:
           volumeMounts:
             - name: config
               mountPath: /config/
+            - name: ldap-config
+              mountPath: /config/ldap.conf
+              subPath: ldap.conf
+              readOnly: true
             - name: certs
               mountPath: /etc/ssl/hxme
               readOnly: true
@@ -81,8 +77,8 @@ spec:
           configMap:
             name: dovecot-config
         - name: ldap
-          configMap:
-            name: dovecot-ldap
+          secret:
+            secretName: dovecot-ldap
         - name: tls
           secret:
             secretName: wildcard-hxme-net