2 files changed, 5 insertions, 3 deletions

diff --git a/mail-server/common.nix b/mail-server/common.nix
index 236530b..edea7f0 100644
--- a/mail-server/common.nix
+++ b/mail-server/common.nix
@@ -49,7 +49,7 @@ in
   # Appends the LDAP bind password to files to avoid writing this
   # password into the Nix store.
   appendLdapBindPwd = {
-    name, file, prefix, passwordFile, destination
+    name, file, prefix, suffix ? "", passwordFile, destination
   }: pkgs.writeScript "append-ldap-bind-pwd-in-${name}" ''
     #!${pkgs.stdenv.shell}
     set -euo pipefail
@@ -61,8 +61,9 @@ in
     fi
 
     cat ${file} > ${destination}
-    echo -n "${prefix}" >> ${destination}
+    echo -n '${prefix}' >> ${destination}
     cat ${passwordFile} >> ${destination}
+    echo -n '${suffix}' >> ${destination}
     chmod 600 ${destination}
   '';
 
diff --git a/mail-server/dovecot.nix b/mail-server/dovecot.nix
index 6459846..a6251fd 100644
--- a/mail-server/dovecot.nix
+++ b/mail-server/dovecot.nix
@@ -90,7 +90,8 @@ let
   setPwdInLdapConfFile = appendLdapBindPwd {
     name = "ldap-conf-file";
     file = ldapConfig;
-    prefix = "dnpass = ";
+    prefix = ''dnpass = "'';
+    suffix = ''"'';
     passwordFile = cfg.ldap.bind.passwordFile;
     destination = ldapConfFile;
   };