majic-ansible-roles Files · roles/mail_server/templates/99-local.conf.j2

Files @ ceb51ff23ae3

Branch filter:

Location: majic-ansible-roles/roles/mail_server/templates/99-local.conf.j2

ceb51ff23ae3 1.1 KiB text/plain Show Annotation Show as Raw Download as Raw

branko

MAR-132: Added support to xmpp_server role for Debian 9 (Stretch):

- Updated tests to include Debian 9 in testing. Existing private keys
are reused where possible (since most of the naming is identical
between the machines with jessie/stretch).
- Updated invocation of sendxmpp in tests as workaround for
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854210.
- Updated testing of imported keys to accomodate differences between
gpg/gpg2 (used by apt-key in Jessie/Stretch).

# Authentication configuration.
auth_mechanisms = plain login

passdb {
  driver = ldap
  args = /etc/dovecot/dovecot-ldap.conf.ext
}

userdb {
  driver = ldap
  args = /etc/dovecot/dovecot-ldap.conf.ext
  default_fields = uid={{ mail_user }} gid={{ mail_user }} home=/var/{{ mail_user}}/%d/%n
}

# Mail storage configuration.
mail_location = maildir:/var/{{ mail_user}}/%d/%n/Maildir
namespace inbox {
  inbox = yes
  separator = {{ imap_folder_separator }}
}

# Communication with other services.
service auth {
  unix_listener /var/spool/postfix/private/auth {
    mode = 0660
    user = postfix
    group = postfix
  }
}

# TLS configuration.
ssl_cert = </etc/ssl/certs/{{ ansible_fqdn }}_imap.pem
ssl_key = </etc/ssl/private/{{ ansible_fqdn }}_imap.key
ssl_protocols = {{ mail_server_tls_protocols | join(' ') }}
ssl_cipher_list = {{ mail_server_tls_ciphers }}
ssl = required

# Mail delivery.
protocol lda {
  mail_plugins = $mail_plugins sieve
  postmaster_address = {{ mail_postmaster }}
}

# IMAP configuration.
protocol imap {
  mail_max_userip_connections = {{ imap_max_user_connections_per_ip }}
}