mailserver.dovecot
Ansible Role: Dovecot
Dovecot is a free IMAP email server for Linux and UNIX systems, designed with security in mind.
This role is part of the Mailserver project. Dovecot works with Postfix as a virtual mail transport and serves as the IMAP server.
Configuration
dovecot_hostname
The fully qualified domain name (FQDN) of the server hosting the mail server. This domain can't be listed in the virtual domains. By default, it uses the hostname from the Ansible facts, ansible_fqdn.
dovecot_default_mysql
The MySQL login details for the main mail database. This setting is ignored if policy_source is not set to mysql.
dovecot_mysql:
  host: "127.0.0.1"
  port: 3306
  user: "dovecot"
  password:
  database: "mail"
dovecot_config
This section includes specific settings for Dovecot.
listen
A list of network addresses that Dovecot listens to. By default, it listens on all available IPv4 and IPv6 addresses, ["*", "[::]"].
policy_source
This setting decides the source of policies. Currently, mysql is the only option. You can find more information about it in the mailserver.mysql-seed repository.
vmail
Key | Default | Description |
---|---|---|
user | vmail | The virtual owner of the mail directory |
group | vmail | The virtual group of the mail directory |
directory | /var/mail | The location where the mail directory is stored |
auth
Key | Default | Description |
---|---|---|
listen | ["inet", "unix"] | Listening on network or local Unix sockets |
inet | { address: '[::1]', port: 10026 } | The interface and port for the authentication service |
unix | | Path and settings for the Unix socket |
lmtp
Key | Default | Description |
---|---|---|
listen | ["inet", "unix"] | Listening on network or local Unix sockets |
inet | "{ address: '[::1]', port: 10025 }" | The interface and port for the LMTP service |
unix | | Path and settings for the Unix socket |
Read more here: http://wiki.dovecot.org/LMTP
ssl
This section covers encryption settings for SMTP. It is used for client connections through StartTLS on port 587 and server-to-server connections.
The default paths for the certificate and key refer to Let's Encrypt. If they aren't available, auto-generated 2048-bit Diffie-Hellman parameters will be used.
Key | Default | Description |
---|---|---|
key | /etc/letsencrypt/live/{{ dovecot_hostname }}/privkey.pem | Path to the SSL key in PEM format |
certificate | /etc/letsencrypt/live/{{ dovecot_hostname }}/fullchain.pem | Path to the SSL certificate (chain) in PEM format |
dhparams.length | 2048 | Size of the Diffie-Hellman parameters |
dhparams.file | /etc/ssl/postfix_dhparams.pem | Path to the Diffie-Hellman parameters file |
managesieve_enabled
This option enables Sieve and Managesieve with user-specific settings. It is enabled by default.
config_dir
The directory where the Dovecot configuration files are stored. By default, it is /etc/dovecot on most systems.
Examples
Dovecot IMAP with TLS, 2048-bit Diffie-Hellman parameters, and MySQL backend
- role: mailserver.dovecot
  dovecot_hostname: "imap.example.com"
  dovecot_config:
    ssl:
      certificate: "/etc/letsencrypt/live/imap.example.com/fullchain.pem"
      key: "/etc/letsencrypt/live/imap.example.com/privkey.pem"
      dhparam:
        size: 2048
  dovecot_mysql:
    host: '127.0.0.1'
    user: 'dovecot'
    password: 'correct horse battery staple'
    database: 'maildb'
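Pre-deployment check for the role variables
This is an added example, not code from this role: a small Python check that a CI job could run over the variables before the play is applied. It flags auth or LMTP inet listeners moved off loopback, Diffie-Hellman parameters below the documented 2048-bit default, and an empty MySQL password. The key names are assumed to match the tables above (auth.inet.address, lmtp.inet.address, ssl.dhparams.length, dovecot_mysql.password); audit, is_loopback and the sample values are constructed for illustration.

```python
import ipaddress

# Constructed sample: role variables in the shape this README documents,
# with three deliberately weak settings.
SAMPLE_VARS = {
    "dovecot_mysql": {"host": "127.0.0.1", "port": 3306, "user": "dovecot",
                      "password": "", "database": "mail"},
    "dovecot_config": {
        "auth": {"listen": ["inet", "unix"],
                 "inet": {"address": "[::1]", "port": 10026}},
        "lmtp": {"listen": ["inet", "unix"],
                 "inet": {"address": "*", "port": 10025}},
        "ssl": {"dhparams": {"length": 1024}},
    },
}

def is_loopback(address):
    """True only for a literal loopback IP; '*' and '[::]' are wildcards."""
    try:
        return ipaddress.ip_address(address.strip("[]")).is_loopback
    except ValueError:  # wildcard or hostname: cannot be proven local
        return False

def audit(role_vars):
    """Return findings for the auth, lmtp, ssl and MySQL settings."""
    findings = []
    config = role_vars.get("dovecot_config", {})
    for service in ("auth", "lmtp"):
        section = config.get(service, {})
        # The inet listener only matters when it is enabled in 'listen'.
        if "inet" in section.get("listen", ["inet", "unix"]):
            address = section.get("inet", {}).get("address", "[::1]")
            if not is_loopback(address):
                findings.append(f"{service}: inet listener on non-loopback {address}")
    length = config.get("ssl", {}).get("dhparams", {}).get("length", 2048)
    if int(length) < 2048:
        findings.append(f"ssl: dhparams.length {length} is below 2048")
    # An unset YAML value (password:) loads as None and is caught here too.
    if not role_vars.get("dovecot_mysql", {}).get("password"):
        findings.append("mysql: password is empty")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_VARS):
        print(finding)
```

Keys that are left out fall back to the defaults listed in the tables, so a play that only sets a MySQL password produces no findings.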
Dovecot role that integrates into Mailserver project
ansible-galaxy install mailserver.dovecot