Files
@ acd104ed9b5e
Branch filter:
Location: majic-ansible-roles/roles/mail_server/templates/99-local.conf.j2 - annotation
acd104ed9b5e
1.3 KiB
text/plain
MAR-151: Switch to using PyMySQL module for database and database_server role:
- Explicitly specify the path to MariaDB unix socket to enforce unix
socket authentication.
- Explicitly specify the path to MariaDB unix socket to enforce unix
socket authentication.
107417b217e0 107417b217e0 107417b217e0 107417b217e0 107417b217e0 107417b217e0 107417b217e0 107417b217e0 107417b217e0 107417b217e0 107417b217e0 1b50bc1cc817 107417b217e0 107417b217e0 107417b217e0 1b50bc1cc817 98d0bcf75e46 98d0bcf75e46 98d0bcf75e46 98d0bcf75e46 107417b217e0 107417b217e0 107417b217e0 107417b217e0 107417b217e0 107417b217e0 107417b217e0 107417b217e0 107417b217e0 107417b217e0 107417b217e0 18cd76ec050d 18cd76ec050d 069c78425a29 4e121413ca5c 069c78425a29 069c78425a29 069c78425a29 069c78425a29 069c78425a29 f79cc0281c7c f344ed6181a9 107417b217e0 107417b217e0 107417b217e0 107417b217e0 107417b217e0 1bdb64307968 107417b217e0 111e954e826d 111e954e826d 111e954e826d 111e954e826d 111e954e826d | # Authentication configuration.
auth_mechanisms = plain login
passdb {
driver = ldap
args = /etc/dovecot/dovecot-ldap.conf.ext
}
userdb {
driver = ldap
args = /etc/dovecot/dovecot-ldap.conf.ext
default_fields = uid={{ mail_user }} gid={{ mail_user }} home=/var/{{ mail_user}}/%d/%n
}
# Mail storage configuration.
mail_location = maildir:/var/{{ mail_user}}/%d/%n/Maildir
namespace inbox {
inbox = yes
separator = {{ imap_folder_separator }}
}
# Communication with other services.
service auth {
unix_listener /var/spool/postfix/private/auth {
mode = 0660
user = postfix
group = postfix
}
}
# TLS configuration.
ssl_cert = </etc/ssl/certs/{{ ansible_fqdn }}_imap.pem
ssl_key = </etc/ssl/private/{{ ansible_fqdn }}_imap.key
{% if ansible_distribution_release == "stretch" %}
ssl_dh_parameters_length = 2048
{% elif ansible_distribution_release == "buster" %}
ssl_dh=</etc/ssl/private/{{ inventory_hostname }}_imap.dh.pem
{% else %}
{{ unsupported_distribution_release }}
{% endif %}
ssl_protocols = {{ mail_server_tls_protocols | join(' ') }}
ssl_cipher_list = {{ mail_server_tls_ciphers }}
ssl = required
# Mail delivery.
protocol lda {
mail_plugins = $mail_plugins sieve
postmaster_address = {{ mail_postmaster }}
}
# IMAP configuration.
protocol imap {
mail_max_userip_connections = {{ imap_max_user_connections_per_ip }}
}
|