149 lines
3.2 KiB
Django/Jinja
149 lines
3.2 KiB
Django/Jinja
# The home-server project produces a multi-purpose setup using Ansible.
|
|
# Copyright © 2018 Y. Gablin, under the GPL-3.0-or-later license.
|
|
# Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing.
|
|
|
|
## Dovecot configuration file (/usr/share/doc/dovecot/example-config)
|
|
|
|
# "doveconf -n" command gives a clean output of the changed settings. Use it
|
|
# instead of copy&pasting files when posting to the Dovecot mailing list.
|
|
|
|
# Most (but not all) settings can be overridden by different protocols and/or
|
|
# source/destination IPs by placing the settings inside sections, for example:
|
|
# protocol imap { }, local 127.0.0.1 { }, remote 10.0.0.0/8 { }
|
|
|
|
## dovecot.conf
|
|
protocols = imap lmtp sieve
|
|
instance_name = dovecot
|
|
verbose_proctitle = yes
|
|
login_greeting = Ready.
|
|
login_trusted_networks = {{net_trusted_ranges}}
|
|
import_environment = TZ LANG
|
|
|
|
## 10-auth.conf
|
|
auth_default_realm = {{net_soa}}
|
|
auth_username_format = %Ln
|
|
disable_plaintext_auth = no
|
|
|
|
## 10-logging.conf
|
|
auth_verbose = yes
|
|
|
|
## 10-mail.conf
|
|
mail_server_admin = mailto:postmaster@{{net_soa}}
|
|
mail_temp_dir = /var/tmp
|
|
first_valid_uid = 1
|
|
first_valid_gid = 1
|
|
mailbox_list_index = yes
|
|
|
|
namespace inbox {
|
|
inbox = yes
|
|
}
|
|
|
|
## 10-master.conf
|
|
haproxy_trusted_networks = {{DMZ_IP}}
|
|
|
|
service imap-login {
|
|
inet_listener imap {
|
|
port = 143
|
|
}
|
|
inet_listener imap_haproxy {
|
|
port = 220
|
|
haproxy = yes
|
|
}
|
|
}
|
|
service lmtp {
|
|
#unix_listener /run/shared_sockets/lmtp {
|
|
# mode = 0666
|
|
#}
|
|
# Create inet listener only if you can't use the above UNIX socket
|
|
# https://yalis.fr/git/yves/home-server/issues/6
|
|
inet_listener lmtp {
|
|
address = {{SafeZone_IP}}
|
|
port = 24
|
|
}
|
|
}
|
|
service imap {
|
|
}
|
|
service auth {
|
|
unix_listener auth-userdb {
|
|
}
|
|
}
|
|
service auth-worker {
|
|
user = $default_internal_user
|
|
}
|
|
#service dict {
|
|
# # If dict proxy is used, mail processes should have access to its socket.
|
|
# # For example: mode=0660, group=vmail and global mail_access_groups=vmail
|
|
# unix_listener dict {
|
|
# #mode = 0600
|
|
# #user =
|
|
# #group =
|
|
# }
|
|
#}
|
|
|
|
## 10-ssl.conf
|
|
ssl = no
|
|
|
|
## 15-lda.conf
|
|
postmaster_address = postmaster@{{net_soa}}
|
|
submission_host = {{DMZ}}
|
|
lda_mailbox_autocreate = yes
|
|
lda_mailbox_autosubscribe = yes
|
|
|
|
## 15-mailboxes.conf
|
|
namespace inbox {
|
|
mailbox Drafts {
|
|
special_use = \Drafts
|
|
}
|
|
mailbox Junk {
|
|
special_use = \Junk
|
|
}
|
|
mailbox Trash {
|
|
special_use = \Trash
|
|
}
|
|
mailbox Sent {
|
|
special_use = \Sent
|
|
}
|
|
}
|
|
|
|
## 20-imap.conf
|
|
protocol imap {
|
|
}
|
|
|
|
## 20-lmtp.conf
|
|
protocol lmtp {
|
|
mail_plugins = sieve
|
|
auth_username_format = %Ln
|
|
}
|
|
|
|
## 20-managesieve.conf
|
|
service managesieve-login {
|
|
inet_listener sieve {
|
|
}
|
|
}
|
|
service managesieve {
|
|
}
|
|
protocol sieve {
|
|
managesieve_implementation_string = sieve
|
|
}
|
|
|
|
## 90-sieve.conf
|
|
plugin {
|
|
sieve = file:~/sieve;active=~/.dovecot.sieve
|
|
sieve_redirect_envelope_from = orig_recipient
|
|
sieve_trace_level = actions
|
|
}
|
|
|
|
## auth-ldap.conf.ext
|
|
# https://wiki2.dovecot.org/AuthDatabase/LDAP
|
|
# https://wiki2.dovecot.org/AuthDatabase/LDAP/AuthBinds
|
|
# https://wiki2.dovecot.org/AuthDatabase/LDAP/Userdb
|
|
# https://wiki2.dovecot.org/UserDatabase/ExtraFields
|
|
passdb {
|
|
driver = ldap
|
|
args = /etc/dovecot/dovecot-ldap-passdb.conf
|
|
}
|
|
userdb {
|
|
driver = ldap
|
|
args = /etc/dovecot/dovecot-ldap-userdb.conf
|
|
}
|