feat(mail): Add dovecot configuration

v-lafeychine 2023-12-17 18:08:54 +01:00
parent 10087b354b
commit 39119a4ffa
Signed by: v-lafeychine
GPG key ID: F46CAAD27C7AB0D5
7 changed files with 190 additions and 0 deletions


@ -1,4 +1,12 @@
--- ---
dovecot__auth_default_realm: test.auro.re
dovecot__auth_users:
jeltz@test.auro.re: "{plain}password"
lafeych@test.auro.re: "{plain}password"
toto@test.auro.re: "{plain}password"
root@test.auro.re: "{plain}L9yXSrCbbafMlMls5q7WWMKC612XNbXL"
dovecot__lmtp_postmaster_address: postmaster@test.auro.re
ifupdown2__interfaces: ifupdown2__interfaces:
ext0: ext0:
addresses: addresses:
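Review bot: The new `dovecot__auth_users` mapping commits mailbox credentials in cleartext to a tracked vars file, and the `root@test.auro.re` value looks like a real generated password rather than a placeholder. Anyone with read access to the repository or its history can read these values, and `{plain}` means the server also stores them unhashed. Keep the mapping in an Ansible Vault-encrypted vars file and store only hashes produced by `doveadm pw`, so each value carries a hashing scheme prefix such as `{ARGON2ID}` or `{SHA512-CRYPT}` instead of `{plain}`. The password already committed here should be treated as exposed and rotated.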


@ -4,4 +4,5 @@
- vm_test - vm_test
roles: roles:
- postfix - postfix
- dovecot
... ...


@ -0,0 +1,3 @@
---
dovecot__auth_users: {}
...


@ -0,0 +1,6 @@
---
- name: Reload dovecot
systemd:
name: dovecot.service
state: reloaded
...


@ -0,0 +1,47 @@
---
- name: Install dovecot
apt:
name:
- dovecot-core
- dovecot-imapd
- dovecot-lmtpd
- dovecot-managesieved
- dovecot-sieve
- name: Create group vmail for dovecot
group:
name: vmail
- name: Create account vmail for dovecot
user:
group: vmail
home: /srv/mail
name: vmail
password: "!"
system: true
- name: Configure dovecot main configuration
template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
owner: root
group: "{{ item.group }}"
mode: "{{ item.mode }}"
loop:
- src: dovecot.conf.j2
dest: /etc/dovecot/dovecot.conf
group: root
mode: u=rw,g=,o=
- src: auth.j2
dest: /etc/dovecot/auth
group: dovecot
mode: u=rw,g=r,o=
notify:
- Reload dovecot
- name: Enable and start dovecot
systemd:
name: dovecot.service
state: started
enabled: true
...
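Review bot: The `Configure dovecot main configuration` task renders `auth.j2`, which holds the account passwords, in the same loop as `dovecot.conf.j2` and sets neither `no_log: true` nor `diff: false`. A run with `--diff` would therefore print the rendered credential file to the console and to any CI or callback log that captures it. Moving the `auth.j2` item into its own `template` task with `no_log: true` hides the secrets while keeping diff output for the main configuration. It is also worth confirming that group `dovecot` actually needs read access to `/etc/dovecot/auth`; if the auth process reads it as root, `mode: u=rw,g=,o=` with `group: root` would be tighter.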


@ -0,0 +1,5 @@
{{ ansible_managed | comment }}
{% for user, passwd in dovecot__auth_users.items() %}
{{ user }}:{{ passwd }}
{% endfor %}
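Review bot: `{{ user }}:{{ passwd }}` writes both inventory values verbatim into a colon-delimited passwd-file, so a `:` or a newline in either one shifts the remaining fields or creates an extra entry. Nothing in the visible role checks the values before templating; a `{plain}` password containing a colon is the most likely way to hit this by accident. Validate the mapping in a task before the template runs, for example an `ansible.builtin.assert` that no key or value contains `:` or a line break. The same check could reject values without a hashing-scheme prefix.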


@ -0,0 +1,120 @@
protocols = imap lmtp sieve
ssl = yes
ssl_cert = </etc/dovecot/private/dovecot.pem
ssl_client_ca_dir = /etc/ssl/certs
ssl_dh = </usr/share/dovecot/dh.pem
ssl_key = </etc/dovecot/private/dovecot.key
service stats {
inet_listener http {
port = 9900
}
}
metric auth_success {
filter = (event=auth_request_finished AND success=yes)
}
metric imap_command {
filter = event=imap_command_finished
group_by = cmd_name tagged_reply_state
}
metric smtp_command {
filter = event=smtp_server_command_finished
group_by = cmd_name status_code duration:exponential:1:5:10
}
metric mail_delivery {
filter = event=mail_delivery_finished
group_by = duration:exponential:1:5:10
}
service imap-login {
inet_listener imap {
port = 0
}
inet_listener imaps {
port = 993
}
}
service lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
mode = 0660
group = postfix
user = postfix
}
# TODO
user = vmail
}
service auth {
unix_listener /var/spool/postfix/private/auth {
mode = 0660
user = postfix
group = postfix
}
# TODO
unix_listener auth-userdb {
mode = 0660
user = vmail
group = vmail
}
}
protocol imap {
mail_plugins = imap_sieve
mail_max_userip_connections = 20 # TODO
imap_idle_notify_interval = 29 mins # TODO
}
protocol lmtp {
postmaster_address = {{ dovecot__lmtp_postmaster_address | enquote }}
mail_plugins = sieve notify push_notification # TODO sieve ??
}
auth_default_realm = {{ dovecot__auth_default_realm | enquote }}
auth_mechanisms = plain
auth_username_format = %Lu
disable_plaintext_auth = yes
mail_uid = vmail
mail_gid = vmail
mail_privileged_group = vmail
mail_home = /srv/mail/%d/%n
mail_location = maildir:~/mail:LAYOUT=fs
# TODO userdb vs passdb
passdb {
driver = passwd-file
args = username_format=%u /etc/dovecot/auth
}
namespace inbox {
inbox = yes
mailbox Spam {
auto = subscribe
special_use = \Junk
}
mailbox Trash {
auto = subscribe
special_use = \Trash
}
mailbox Drafts {
auto = subscribe
special_use = \Drafts
}
mailbox Sent {
auto = subscribe
special_use = \Sent
}
}
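Review bot: The `service stats` block opens `inet_listener http` on port 9900 with no `address`, so it follows the global `listen` setting, which defaults to all interfaces. That would expose the metrics endpoint (auth success counts, per-command statistics) to any host that can reach the server. Add `address = 127.0.0.1` inside the listener, or document that a firewall restricts the port to the monitoring host. Separately, `ssl = yes` still accepts sessions without TLS on listeners this file does not override, such as the one for `sieve`; `ssl = required` together with the existing `disable_plaintext_auth = yes` makes TLS mandatory there.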