configure domain in a central file

machines/gerd/services/lldap.nix

@@ -1,13 +1,15 @@
 { config, ... }:
 
-{
+let
+  svc_domain = "ldap.${config.mine.settings.domain}";
+in {
   services.lldap = {
     enable = true;
 
     settings = {
       verbose = true;
       ldap_user_email = "fricloudlldap.grief462@simplelogin.com";
-      ldap_base_dn = "dc=fricloud,dc=dk";
+      ldap_base_dn = config.mine.settings.ldap.dc;
     };
 
     environment = {
@@ -20,7 +22,7 @@
     };
   };
 
-  services.nginx.virtualHosts."ldap.fricloud.dk" = {
+  services.nginx.virtualHosts."${svc_domain}" = {
     forceSSL = true;
     enableACME = true;
     locations."/".proxyPass = "http://localhost:${builtins.toString config.services.lldap.settings.http_port}";
@@ -51,7 +53,7 @@
     port = 3890;
     url = "ldap://${host}:${builtins.toString port}";
 
-    dc = "dc=fricloud,dc=dk";
+    dc = "dc=${config.mine.settings.domain_sld},dc=${config.mine.settings.domain_tld}";
     bind_dn = "uid=${users.bind},ou=${ou.users},${dc}";
     search_base = "ou=${ou.users},${dc}";
     user_filter = "(memberof=cn=${groups.member},ou=${ou.groups},${dc})";
@@ -78,6 +80,7 @@
       lastname = "sn";
       email = "mail";
       avatar = "jpegPhoto";
+      groupname = "cn";
     };
 
     age_secret = config.age.secrets.lldap-bind-user-pass.path;