ghp/ansible
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
9887a11672
ansible/roles/dovecot/defaults/main.yaml
ace 084b38941d
update mail services
2022-12-25 00:46:42 +03:00

196 lines
5.6 KiB
YAML
Raw Blame History

dovecot_short_name: "dovecot"
dovecot_default_values:
replicaCount: 1
persistence:
enabled: true
existingClaim: mailboxes
tls:
enabled: true
existingSecret: "{{ mail_short_name | default('mail') }}.{{ domain }}-secret"
dovecot:
configmaps:
dovecot:
dovecot: |
protocols = imap lmtp sieve
mail_max_userip_connections = 1000
mail_plugins = virtual
haproxy_trusted_networks = 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16
haproxy_timeout = 30s
dict {
#quota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext
#expire = sqlite:/etc/dovecot/dovecot-dict-sql.conf.ext
}
# Most of the actual configuration gets included below. The filenames are
# first sorted by their ASCII value and parsed in that order. The 00-prefixes
# in filenames are intended to make it easier to understand the ordering.
!include conf.d/*.conf
# A config file can also tried to be included without giving an error if
# it's not found:
!include_try local.conf
ldap: |
uris = ldaps://{{ openldap_short_name | default('openldap') }}.{{ domain }}
dn = uid=ldapbind,ou=services,{{ openldap_domain }}
dnpass = {{ ldapbind_pass | default(ldapbind_password) }}
auth_bind = yes
auth_bind_userdn = uid=%n,ou=users,{{ openldap_domain }}
tls = no
ldap_version = 3
base = ou=users,{{ openldap_domain }}
deref = never
scope = subtree
user_filter = (&(objectClass=posixAccount)(mail=%u))
user_attrs = cn=home=/home/vmail/%$
pass_filter = (&(objectClass=posixAccount)(mail=%u))
pass_attrs = uid=user,userPassword=password
#default_pass_scheme = CRYPT
confd:
auth-ldap: |
passdb {
driver = ldap
# Path for LDAP configuration file, see example-config/dovecot-ldap.conf.ext
args = /etc/dovecot/ldap.conf
}
userdb {
driver = ldap
args = /etc/dovecot/ldap.conf
}
10-auth: |
auth_default_realm = {{ domain }}
auth_username_format = %Lu
auth_mechanisms = plain login
10-mail: |
mail_location = maildir:%h
namespace inbox {
inbox = yes
}
mail_uid = vmail
mail_gid = vmail
first_valid_uid = 1000
last_valid_uid = 1000
first_valid_gid = 1000
last_valid_gid = 1000
protocol !indexer-worker {
}
mbox_write_locks = fcntl
10-master: |
protocol imap {
mail_plugins = virtual
}
service imap-login {
inet_listener imap {
#port = 143
}
inet_listener imaps {
#port = 993
#ssl = yes
}
inet_listener imap_haproxy {
port = 1109
haproxy = yes
}
inet_listener imaps_haproxy {
port = 10993
ssl = yes
haproxy = yes
}
}
service pop3-login {
inet_listener pop3 {
#port = 110
}
inet_listener pop3s {
#port = 995
#ssl = yes
}
}
service lmtp {
inet_listener lmtp {
port = 24
}
unix_listener /var/spool/postfix/private/dovecot-lmtp {
mode = 0600
group = postfix
user = postfix
}
user = vmail
}
service imap {
}
service pop3 {
}
service auth {
inet_listener {
port = 12345
}
unix_listener auth-userdb {
mode = 0660
user = vmail
#group =
}
# Postfix smtp-auth
unix_listener /var/spool/postfix/private/auth {
mode = 0660
user = postfix
group = postfix
}
}
service auth-worker {
}
service dict {
unix_listener dict {
}
}
10-ssl: |
ssl = required
#verbose_ssl = yes
ssl_prefer_server_ciphers = yes
ssl_min_protocol = TLSv1.2
ssl_cert = </tls/tls.crt
ssl_key = </tls/tls.key
10-logging: |
log_path = /dev/stderr
info_log_path = /dev/stdout
debug_log_path = /dev/stdout
15-lda: |
postmaster_address = postmaster@{{ domain }}
hostname = {{ domain }}
rejection_reason = Your message to was automatically rejected:%n%r
protocol lda {
mail_plugins = virtual sieve
}
20-lmtp: |
protocol lmtp {
mail_plugins = virtual sieve
postmaster_address = postmaster@{{ domain }}
}
20-managesieve: |
service managesieve-login {
inet_listener sieve {
port = 4190
ssl = yes
}
service_count = 1
vsz_limit = 64M
}
service managesieve {
process_limit = 1024
}
service:
type: LoadBalancer
loadBalancerIP: "{{ dovecot_loadbalancer_ip | default(omit) }}"
Reference in New Issue View Git Blame Copy Permalink