@@ -776,6 +776,18 @@ role.
mail_user_uid: 5000
mail_user_gid: 5000
# Set private keys and certificates to use for the IMAP service.
imap_tls_certificate: "{{ lookup('file', 'tls/comms.example.com_imap.pem') }}"
imap_tls_key: "{{ lookup('file', 'tls/comms.example.com_imap.key') }}"
# Set private keys and certificates to use for the SMTP service.
smtp_tls_certificate: "{{ lookup('file', 'tls/comms.example.com_smtp.pem') }}"
smtp_tls_key: "{{ lookup('file', 'tls/comms.example.com_smtp.key') }}"
# Set the X.509 certificate truststore to use for validating the
# LDAP server certificate.
mail_ldap_tls_truststore: "{{ lookup('file', 'tls/truststore.pem') }}"
3. There are two distinct mail services that need to access the LDAP directory -
*Postfix* (serving as an SMTP server), and *Dovecot* (serving as an IMAP
server). These two need their own dedicated LDAP entries on the LDAP server in
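Review bot: The added `imap_tls_key` and `smtp_tls_key` lines read the private keys with `lookup('file', ...)` from `tls/` next to the playbooks, but the example does not say how those `.key` files should be protected on the control machine. Readers tend to copy usage examples as written, so the keys are likely to be committed unencrypted together with the certificates. I would add a comment above each key line, for example `# Keep the .key file out of version control, or store it encrypted with ansible-vault.`, and mention restrictive file permissions on the `tls/` directory. The surrounding section continues outside this hunk, so this may already be covered elsewhere in the guide. The certificate and `mail_ldap_tls_truststore` lines hold public material and need no such note.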