Files @ 8d272d91d3d2
Branch filter:

Location: majic-ansible-roles/roles/mail_server/templates/ldap-virtual-mailbox-maps.cf.j2 - annotation

8d272d91d3d2 462 B text/plain Show Source Show as Raw Download as Raw
branko
MAR-165: Deploy Diffie-Helman parameters for LDAP server in the ldap_server role:

- Not relevant for Debian Strech because of a bug in the OpenLDAP
version it ships with.
- This should allow use of DHE ciphers with LDAP server.
- Generated DH parameters only help pick one of the parameters from
RFC-7919 (based on the size of generated ones).
- Make the cipher test lists distro-specific due to differences
between supported algorithms in respective GnuTLS versions.
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
f7579be2c24b
1b50bc1cc817
f7579be2c24b
f7579be2c24b
1b05bae8e440
f7579be2c24b
4313878669b1
1b50bc1cc817
f7579be2c24b
f7579be2c24b
f7579be2c24b
4313878669b1
f7579be2c24b
4313878669b1
f7579be2c24b

# Connection settings.
server_host = {{ mail_ldap_url }}
start_tls = yes
tls_require_cert = yes
tls_ca_cert_file = /etc/ssl/certs/mail_ldap_tls_truststore.pem
bind = yes
bind_dn = cn=postfix,ou=services,{{ mail_ldap_base_dn }}
bind_pw = {{ mail_ldap_postfix_password }}
version = 3

# Query settings
search_base = ou=people,{{ mail_ldap_base_dn }}
scope = one
query_filter = (&(mail=%s)(memberOf=cn=mail,ou=groups,{{mail_ldap_base_dn}}))
result_attribute = mail
This site is powered by Kallithea 0.7.0, which is © 2010–2024 by various authors & licensed under GPLv3.