diff --git a/applications/email.nix b/applications/email.nix index 7e1ec24..6b5df6b 100644 --- a/applications/email.nix +++ b/applications/email.nix @@ -155,6 +155,9 @@ dovecot = { userFilter = "(skMail=%u)"; + # can lock down how much space each user has access to from ldap + userAttrs = "quotaEmail=quota_rule=*:bytes=%$"; + # accept emails in, but only allow access to paid up members passFilter = "(&(|${create_filter cfg.groups})(skMail=%u))"; }; diff --git a/applications/ldap/skMemberOf.ldif b/applications/ldap/skMemberOf.ldif index bae3d26..fde3159 100644 --- a/applications/ldap/skMemberOf.ldif +++ b/applications/ldap/skMemberOf.ldif @@ -42,10 +42,23 @@ olcAttributeTypes: ( 1.3.6.1.4.1.24441.1.6.1 # EQUALITY booleanMatch # SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 # ) +# https://github.com/variablenix/ldap-mail-schema/blob/master/quota.schema +olcAttributeTypes: ( 1.3.6.1.4.1.24441.1.8.1 + NAME 'quotaEmail' + DESC 'Quotas for Email' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{255} + ) +olcAttributeTypes: ( 1.3.6.1.4.1.24441.1.9.1 + NAME 'quotaDisk' + DESC 'Quotas for Home dir' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{255} + ) olcObjectClasses: ( 1.3.6.1.4.1.24441.1.1.1 NAME 'skPerson' DESC 'skynet person' SUP top AUXILIARY MUST ( skMail $ skCreated ) - MAY ( skMemberOf $ skID $ skDiscord ) + MAY ( skMemberOf $ skID $ skDiscord $ quotaEmail $ quotaDisk ) )