Files
@ 24120c68c6b4
Branch filter:
Location: majic-ansible-roles/testsite/group_vars/mail.yml - annotation
24120c68c6b4
1.4 KiB
text/x-yaml
MAR-196: Simplify allowed TLS protocol configuration for mail_server role:
- Accept minimum version allowed instead of arbitrary list.
- Fixes deprecation warnings in Dovecot logs (ssl_protocols ->
ssl_min_protocol transition).
- Accept minimum version allowed instead of arbitrary list.
- Fixes deprecation warnings in Dovecot logs (ssl_protocols ->
ssl_min_protocol transition).
be262063970c be262063970c 0f17841d0aad 1b05bae8e440 4313878669b1 1b50bc1cc817 1b50bc1cc817 ce1b1a242584 1b50bc1cc817 1b50bc1cc817 1b50bc1cc817 85d2a408fd21 3bd270c9e860 3bd270c9e860 3bd270c9e860 18cd76ec050d 18cd76ec050d 18cd76ec050d 18cd76ec050d 67d9190a521a 67d9190a521a 67d9190a521a 1bdb64307968 1bdb64307968 0f17841d0aad 298c0dbe1698 298c0dbe1698 0f17841d0aad 0f17841d0aad 111e954e826d 24c957d877de 111e954e826d 8548876c068b 8548876c068b 24120c68c6b4 8548876c068b b56ccd5a92ee b56ccd5a92ee b56ccd5a92ee | ---
mail_ldap_url: ldap://ldap.{{ testsite_domain }}/
mail_ldap_tls_truststore: "{{ lookup('file', inventory_dir + '/tls/ca.pem') }}"
mail_ldap_base_dn: "{{ testsite_ldap_base }}"
mail_ldap_postfix_password: postfix
mail_ldap_dovecot_password: dovecot
mail_user: vmail
mail_user_uid: 5000
mail_user_gid: 5000
local_mail_aliases:
root: "root john.doe@{{ testsite_domain }}"
imap_tls_certificate: "{{ lookup('file', inventory_dir + '/tls/mail.' + testsite_domain + '_imap.pem') }}"
imap_tls_key: "{{ lookup('file', inventory_dir + '/tls/mail.' + testsite_domain + '_imap.key') }}"
smtp_tls_certificate: "{{ lookup('file', inventory_dir + '/tls/mail.' + testsite_domain + '_smtp.pem') }}"
smtp_tls_key: "{{ lookup('file', inventory_dir + '/tls/mail.' + testsite_domain + '_smtp.key') }}"
imap_folder_separator: /
smtp_rbl:
- bl.spamcop.net
- zen.spamhaus.org
mail_postmaster: postmaster@{{ testsite_domain }}
smtp_allow_relay_from:
- ldap.{{ testsite_domain }}
- xmpp.{{ testsite_domain }}
- web.{{ testsite_domain }}
- ws01.{{ testsite_domain }}
imap_max_user_connections_per_ip: 50
mail_server_minimum_tls_protocol: TLSv1.1
mail_server_tls_ciphers: "DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-GCM-SHA384:\
DHE-RSA-AES256-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-GCM-SHA384:\
ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA:!aNULL:!MD5:!EXPORT"
|