From 6775502be3abe32beefb8fc3ec445628e41ac13a Mon Sep 17 00:00:00 2001
From: Antoine Eiche <lewo@abesis.fr>
Date: Sat, 20 May 2023 09:52:25 +0200
Subject: [PATCH] ldap: set assertions to forbid ldap and loginAccounts
 simultaneously

---
 default.nix                |  1 +
 mail-server/assertions.nix | 17 +++++++++++++++++
 2 files changed, 18 insertions(+)
 create mode 100644 mail-server/assertions.nix

diff --git a/default.nix b/default.nix
index 2cb7d3d..66b863e 100644
--- a/default.nix
+++ b/default.nix
@@ -1252,6 +1252,7 @@ in
   };
 
   imports = [
+    ./mail-server/assertions.nix
     ./mail-server/borgbackup.nix
     ./mail-server/debug.nix
     ./mail-server/rsnapshot.nix
diff --git a/mail-server/assertions.nix b/mail-server/assertions.nix
new file mode 100644
index 0000000..d2c44ea
--- /dev/null
+++ b/mail-server/assertions.nix
@@ -0,0 +1,17 @@
+{ config, lib, pkgs, ... }:
+{
+  assertions = lib.optionals config.mailserver.ldap.enable [
+    {
+      assertion = config.mailserver.loginAccounts == {};
+      message = "When the LDAP support is enable (mailserver.ldap.enable = true), it is not possible to define mailserver.loginAccounts";
+    }
+    {
+      assertion = config.mailserver.extraVirtualAliases == {};
+      message = "When the LDAP support is enable (mailserver.ldap.enable = true), it is not possible to define mailserver.extraVirtualAliases";
+    }
+    {
+      assertion = config.mailserver.forwards == {};
+      message = "When the LDAP support is enable (mailserver.ldap.enable = true), it is not possible to define mailserver.forwards";
+    }
+  ];
+}