From d911e5da33c42afefff1034096250ea3538a1b09 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lauri=20V=C3=B5sandi?= <lauri.vosandi@gmail.com>
Date: Tue, 10 Apr 2018 09:28:47 +0000
Subject: [PATCH] config: Add 'mail suffix' for POSIX accounts to derive e-mail

---
 certidude/config.py                    | 1 +
 certidude/templates/server/server.conf | 2 ++
 certidude/user.py                      | 2 +-
 3 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/certidude/config.py b/certidude/config.py
index e33aa85..a07e17e 100644
--- a/certidude/config.py
+++ b/certidude/config.py
@@ -13,6 +13,7 @@ AUTHENTICATION_BACKENDS = set([j for j in
     cp.get("authentication", "backends").split(" ") if j])   # kerberos, pam, ldap
 AUTHORIZATION_BACKEND = cp.get("authorization", "backend")  # whitelist, ldap, posix
 ACCOUNTS_BACKEND = cp.get("accounts", "backend")             # posix, ldap
+MAIL_SUFFIX = cp.get("accounts", "mail suffix")
 
 KERBEROS_KEYTAB = cp.get("authentication", "kerberos keytab")
 LDAP_AUTHENTICATION_URI = cp.get("authentication", "ldap uri")
diff --git a/certidude/templates/server/server.conf b/certidude/templates/server/server.conf
index 5d490e4..9ace2cb 100644
--- a/certidude/templates/server/server.conf
+++ b/certidude/templates/server/server.conf
@@ -21,6 +21,8 @@ kerberos keytab = FILE:{{ kerberos_keytab }}
 # updated automatically by /etc/cron.hourly/certidude
 
 backend = posix
+mail suffix = example.lan
+
 ;backend = ldap
 ldap gssapi credential cache = /run/certidude/krb5cc
 ldap uri = ldap://dc.example.lan
diff --git a/certidude/user.py b/certidude/user.py
index a125a1e..6d8474f 100644
--- a/certidude/user.py
+++ b/certidude/user.py
@@ -39,7 +39,7 @@ class PosixUserManager(object):
         _, _, _, _, gecos, _, _ = pwd.getpwnam(username)
         gecos = gecos.split(",")
         full_name = gecos[0]
-        mail = "%s@%s" % ("tteearu", "k-space.ee") # username, "k-space.ee") # const.DOMAIN)
+        mail = "%s@%s" % (username, config.MAIL_SUFFIX)
         if full_name and " " in full_name:
             given_name, surname = full_name.split(" ", 1)
             return User(username, mail, given_name, surname)