majic-ansible-roles Files · roles/mail_server/templates/99-local.conf.j2

Files @ 325b9d16a72b

Branch filter:

Location: majic-ansible-roles/roles/mail_server/templates/99-local.conf.j2

325b9d16a72b 1.1 KiB text/plain Show Annotation Show as Raw Download as Raw

branko

MAR-151: Added support for Debian 10 Buster to common role:

- Updated tests.
- Updated role reference documentation.
- Updated role metadata information.
- Refactored IP plan for the test machines for better separation
between different types of machines and versions.
- Parametrised tests for limited connectivity using the maintenance
mode.
- Don't use MariaDB compat package in tests - name differs between
Debian 9 and Debian 10, and relevant parameter is already getting
tested properly using the remaining packages.

# Authentication configuration.
auth_mechanisms = plain login

passdb {
  driver = ldap
  args = /etc/dovecot/dovecot-ldap.conf.ext
}

userdb {
  driver = ldap
  args = /etc/dovecot/dovecot-ldap.conf.ext
  default_fields = uid={{ mail_user }} gid={{ mail_user }} home=/var/{{ mail_user}}/%d/%n
}

# Mail storage configuration.
mail_location = maildir:/var/{{ mail_user}}/%d/%n/Maildir
namespace inbox {
  inbox = yes
  separator = {{ imap_folder_separator }}
}

# Communication with other services.
service auth {
  unix_listener /var/spool/postfix/private/auth {
    mode = 0660
    user = postfix
    group = postfix
  }
}

# TLS configuration.
ssl_cert = </etc/ssl/certs/{{ ansible_fqdn }}_imap.pem
ssl_key = </etc/ssl/private/{{ ansible_fqdn }}_imap.key
ssl_dh_parameters_length = 2048
ssl_protocols = {{ mail_server_tls_protocols | join(' ') }}
ssl_cipher_list = {{ mail_server_tls_ciphers }}
ssl = required

# Mail delivery.
protocol lda {
  mail_plugins = $mail_plugins sieve
  postmaster_address = {{ mail_postmaster }}
}

# IMAP configuration.
protocol imap {
  mail_max_userip_connections = {{ imap_max_user_connections_per_ip }}
}