dovecot_short_name: "dovecot" dovecot_default_values: replicaCount: 1 persistence: enabled: true existingClaim: mailboxes tls: enabled: true existingSecret: "{{ mail_short_name | default('mail') }}.{{ domain }}-secret" dovecot: configmaps: dovecot: dovecot: | protocols = imap lmtp sieve mail_max_userip_connections = 1000 mail_plugins = virtual haproxy_trusted_networks = 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 haproxy_timeout = 30s dict { #quota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext #expire = sqlite:/etc/dovecot/dovecot-dict-sql.conf.ext } # Most of the actual configuration gets included below. The filenames are # first sorted by their ASCII value and parsed in that order. The 00-prefixes # in filenames are intended to make it easier to understand the ordering. !include conf.d/*.conf # A config file can also tried to be included without giving an error if # it's not found: !include_try local.conf ldap: | uris = ldaps://{{ openldap_short_name | default('openldap') }}.{{ domain }} dn = uid=ldapbind,ou=services,{{ openldap_domain }} dnpass = {{ ldapbind_pass | default(ldapbind_password) }} auth_bind = yes auth_bind_userdn = uid=%n,ou=users,{{ openldap_domain }} tls = no ldap_version = 3 base = ou=users,{{ openldap_domain }} deref = never scope = subtree user_filter = (&(objectClass=posixAccount)(mail=%u)) user_attrs = cn=home=/home/vmail/%$ pass_filter = (&(objectClass=posixAccount)(mail=%u)) pass_attrs = uid=user,userPassword=password #default_pass_scheme = CRYPT confd: auth-ldap: | passdb { driver = ldap # Path for LDAP configuration file, see example-config/dovecot-ldap.conf.ext args = /etc/dovecot/ldap.conf } userdb { driver = ldap args = /etc/dovecot/ldap.conf } 10-auth: | auth_default_realm = {{ domain }} auth_username_format = %Lu auth_mechanisms = plain login 10-mail: | mail_location = maildir:%h namespace inbox { inbox = yes } mail_uid = vmail mail_gid = vmail first_valid_uid = 1000 last_valid_uid = 1000 first_valid_gid = 1000 last_valid_gid = 1000 protocol !indexer-worker { } mbox_write_locks = fcntl 10-master: | protocol imap { mail_plugins = virtual } service imap-login { inet_listener imap { #port = 143 } inet_listener imaps { #port = 993 #ssl = yes } inet_listener imap_haproxy { port = 1109 haproxy = yes } inet_listener imaps_haproxy { port = 10993 ssl = yes haproxy = yes } } service pop3-login { inet_listener pop3 { #port = 110 } inet_listener pop3s { #port = 995 #ssl = yes } } service lmtp { inet_listener lmtp { port = 24 } unix_listener /var/spool/postfix/private/dovecot-lmtp { mode = 0600 group = postfix user = postfix } user = vmail } service imap { } service pop3 { } service auth { inet_listener { port = 12345 } unix_listener auth-userdb { mode = 0660 user = vmail #group = } # Postfix smtp-auth unix_listener /var/spool/postfix/private/auth { mode = 0660 user = postfix group = postfix } } service auth-worker { } service dict { unix_listener dict { } } 10-ssl: | ssl = required #verbose_ssl = yes ssl_prefer_server_ciphers = yes ssl_min_protocol = TLSv1.2 ssl_cert =