# The home-server project produces a multi-purpose setup using Ansible.
# Copyright © 2018 Y. Gablin, under the GPL-3.0-or-later license.
# Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing.

## Dovecot configuration file (/usr/share/doc/dovecot/example-config)

# "doveconf -n" command gives a clean output of the changed settings. Use it
# instead of copy&pasting files when posting to the Dovecot mailing list.

# Most (but not all) settings can be overridden by different protocols and/or
# source/destination IPs by placing the settings inside sections, for example:
# protocol imap { }, local 127.0.0.1 { }, remote 10.0.0.0/8 { }

## dovecot.conf
protocols = imap lmtp sieve
instance_name = dovecot
verbose_proctitle = yes
login_greeting = Ready.
login_trusted_networks = {{net_trusted_ranges}}
import_environment = TZ LANG

## 10-auth.conf
auth_default_realm = {{net_soa}}
auth_username_format = %Ln
disable_plaintext_auth = no

## 10-logging.conf
auth_verbose = yes

## 10-mail.conf
mail_server_admin = mailto:postmaster@{{net_soa}}
mail_temp_dir = /var/tmp
first_valid_uid = 1
first_valid_gid = 1
mailbox_list_index = yes

namespace inbox {
  inbox = yes
}

## 10-master.conf
haproxy_trusted_networks = {{DMZ_IP}}

service imap-login {
  inet_listener imap {
    port = 143
  }
  inet_listener imap_haproxy {
    port = 220
    haproxy = yes
  }
}
service lmtp {
  unix_listener /run/shared_sockets/lmtp {
    mode = 0666
  }
#  # Create inet listener only if you can't use the above UNIX socket
#  #inet_listener lmtp {
#    # Avoid making LMTP visible for the entire internet
#    #address =
#    #port = 
#  #}
}
service imap {
}
service auth {
  unix_listener auth-userdb {
  }
}
service auth-worker {
  user = $default_internal_user
}
#service dict {
#  # If dict proxy is used, mail processes should have access to its socket.
#  # For example: mode=0660, group=vmail and global mail_access_groups=vmail
#  unix_listener dict {
#    #mode = 0600
#    #user = 
#    #group = 
#  }
#}

## 10-ssl.conf
ssl = no

## 15-lda.conf
postmaster_address = postmaster@{{net_soa}}
submission_host = {{DMZ}}
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes

## 15-mailboxes.conf
namespace inbox {
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Trash {
    special_use = \Trash
  }
  mailbox Sent {
    special_use = \Sent
  }
}

## 20-imap.conf
protocol imap {
}

## 20-lmtp.conf
protocol lmtp {
  mail_plugins = sieve
  auth_username_format = %Ln
}

## 20-managesieve.conf
service managesieve-login {
  inet_listener sieve {
  }
}
service managesieve {
}
protocol sieve {
  managesieve_implementation_string = sieve
}

## 90-sieve.conf
plugin {
  sieve = file:~/sieve;active=~/.dovecot.sieve
  sieve_redirect_envelope_from = orig_recipient
  sieve_trace_level = actions
}

## auth-ldap.conf.ext
# https://wiki2.dovecot.org/AuthDatabase/LDAP
# https://wiki2.dovecot.org/AuthDatabase/LDAP/AuthBinds
# https://wiki2.dovecot.org/AuthDatabase/LDAP/Userdb
# https://wiki2.dovecot.org/UserDatabase/ExtraFields
passdb {
  driver = ldap
  args = /etc/dovecot/dovecot-ldap-passdb.conf
}
userdb {
  driver = ldap
  args = /etc/dovecot/dovecot-ldap-userdb.conf
}