From fda1e1845f5e67ecf49f86707f134d0fca000470 Mon Sep 17 00:00:00 2001
From: toufic ar <contact@toufy.me>
Date: Wed, 28 Jan 2026 19:12:04 +0200
Subject: [PATCH] radicale: using hashedPasswordFile

---
 config/mail/default.nix | 20 +++-----------------
 1 file changed, 3 insertions(+), 17 deletions(-)

diff --git a/config/mail/default.nix b/config/mail/default.nix
index b9a3afc..0c10f2e 100644
--- a/config/mail/default.nix
+++ b/config/mail/default.nix
@@ -1,9 +1,4 @@
-{
-  config,
-  lib,
-  pkgs,
-  ...
-}: let
+{config, ...}: let
   mailDomain = config.customOps.domain;
 in {
   sops.secrets = {
@@ -76,21 +71,12 @@ in {
     '';
   };
 
-  services.radicale = let
-    mailAccounts = config.mailserver.loginAccounts;
-    htpasswd = pkgs.writeText "radicale.users" (
-      lib.concatStrings
-      (lib.flip lib.mapAttrsToList mailAccounts (
-        mail: user:
-          mail + ":" + user.hashedPassword + "\n"
-      ))
-    );
-  in {
+  services.radicale = {
     enable = true;
     settings = {
       auth = {
         type = "htpasswd";
-        htpasswd_filename = "${htpasswd}";
+        htpasswd_filename = "/run/secrets/mailserver";
         htpasswd_encryption = "bcrypt";
       };
     };