From 54eebb9129f326a2bf7979bc4953b5dd8d33fb4d Mon Sep 17 00:00:00 2001
From: polarathene <5098581+polarathene@users.noreply.github.com>
Date: Sun, 3 Sep 2023 16:52:52 +1200
Subject: [PATCH] chore: `saslauthd.conf` generation - Use a base config for
 defaults

This avoids the ENV overriding user-provided settings due to the ENV having hard-coded fallback defaults when not explicitly set.
---
 target/features/ldap/saslauthd.base         | 2 ++
 target/scripts/startup/setup.d/saslauthd.sh | 3 +--
 2 files changed, 3 insertions(+), 2 deletions(-)
 create mode 100644 target/features/ldap/saslauthd.base

diff --git a/target/features/ldap/saslauthd.base b/target/features/ldap/saslauthd.base
new file mode 100644
index 00000000..4dddd75f
--- /dev/null
+++ b/target/features/ldap/saslauthd.base
@@ -0,0 +1,2 @@
+ldap_filter: (&(uniqueIdentifier=%u)(mailEnabled=TRUE))
+ldap_referrals: yes
diff --git a/target/scripts/startup/setup.d/saslauthd.sh b/target/scripts/startup/setup.d/saslauthd.sh
index daddb852..524a8bb5 100644
--- a/target/scripts/startup/setup.d/saslauthd.sh
+++ b/target/scripts/startup/setup.d/saslauthd.sh
@@ -31,13 +31,12 @@ function _create_config_saslauthd() {
   local SASLAUTHD_LDAP_BIND_DN=${SASLAUTHD_LDAP_BIND_DN:=${LDAP_BIND_DN}}
   local SASLAUTHD_LDAP_PASSWORD=${SASLAUTHD_LDAP_PASSWORD:=${LDAP_BIND_PW}}
   local SASLAUTHD_LDAP_SEARCH_BASE=${SASLAUTHD_LDAP_SEARCH_BASE:=${LDAP_SEARCH_BASE}}
-  local SASLAUTHD_LDAP_FILTER=${SASLAUTHD_LDAP_FILTER:=(&(uniqueIdentifier=%u)(mailEnabled=TRUE))}
-  local SASLAUTHD_LDAP_REFERRALS=${SASLAUTHD_LDAP_REFERRALS:=yes}
 
   # Generates a config from an ENV template while layering several other sources
   # into a single temporary file, used as input into `_cleanse_config` which
   # prepares the final output config.
   _cleanse_config ':' <(cat 2>/dev/null \
+    /etc/dms/ldap/saslauthd.base \
     /tmp/docker-mailserver/ldap/saslauthd.conf \
     <(_template_with_env 'SASLAUTHD_' /etc/dms/ldap/saslauthd.tmpl) \
   ) > /etc/saslauthd.conf