trombik.dovecot

ansible-role-dovecot

Sets up dovecot.

Requirements

No requirements.

Role Variables

| Variable | Description | Default |
|----------|-------------|---------|
| `dovecot_user` | The user name for dovecot | `{{ __dovecot_user }}` |
| `dovecot_group` | The group name for dovecot | `{{ __dovecot_group }}` |
| `dovecot_service` | The service name for dovecot | `{{ __dovecot_service }}` |
| `dovecot_package` | The package name for dovecot | `{{ __dovecot_package }}` |
| `dovecot_extra_packages` | Extra packages to install | `[]` |
| `dovecot_conf_dir` | Directory containing dovecot.conf | `{{ __dovecot_conf_dir }}` |
| `dovecot_confd_dir` | Directory for additional config | `{{ dovecot_conf_dir }}/conf.d` |
| `dovecot_conf_file` | Path to dovecot.conf | `{{ __dovecot_conf_dir }}/dovecot.conf` |
| `dovecot_flags` | Additional flags for dovecot | `""` |
| `dovecot_base_dir` | Base directory in dovecot.conf | `{{ __dovecot_base_dir }}` |
| `dovecot_config` | Configuration content for dovecot.conf | `""` |
| `dovecot_config_fragments` | Additional config fragments | `[]` |
| `dovecot_login_class` | Login class for login.conf (OpenBSD only) | `{{ __dovecot_login_class }}` |
| `dovecot_extra_groups` | Extra groups for dovecot user | `[]` |
| `dovecot_include_role_x509_certificate` | Include trombik.x509_certificate role | `no` |

dovecot_config_fragments

This is a list of extra configuration file fragments for dovecot.

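| Key | Description | Required? |
|-----|-------------|-----------|
| `name` | Name of the file | yes |
| `state` | Should be absent or present | yes |
| `content` | Content of the file | yes |
| `mode` | Permissions for the file | no |
| `owner` | File owner | no |
| `group` | File group | no |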
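
A pre-deployment check for this variable, as an added example that is not part of the role: it validates a `dovecot_config_fragments` list against the key table above. Assumptions beyond the table: `content` is only needed when `state` is `present` (the example playbook's `foo.conf` entry omits it), `mode` is written as a quoted octal string like the playbook's `"0640"`, and `check_fragments` and the sample data are hypothetical names and constructed values.

```python
import re

VALID_STATES = {"present", "absent"}
MODE_RE = re.compile(r"0[0-7]{3}")  # quoted octal string, as in the playbook's "0640"

def check_fragments(fragments):
    """Return (name, problem) tuples for a dovecot_config_fragments list."""
    problems = []
    for index, frag in enumerate(fragments):
        name = str(frag.get("name", f"<item {index}>"))
        if "name" not in frag:
            problems.append((name, "missing key: name"))
        elif "/" in name or name.startswith("."):
            # name is joined onto dovecot_confd_dir, so it must be a bare file name
            problems.append((name, "name must be a plain file name"))
        state = frag.get("state")
        if state not in VALID_STATES:
            problems.append((name, "state must be absent or present"))
        if state != "present":
            continue  # the playbook's absent entry (foo.conf) carries no content
        if not frag.get("content"):
            problems.append((name, "content is required when state is present"))
        mode = frag.get("mode")
        if mode is None:
            continue  # mode is optional in the key table
        if not (isinstance(mode, str) and MODE_RE.fullmatch(mode)):
            problems.append((name, "mode should be a quoted octal string"))
        elif int(mode, 8) & 0o007:
            problems.append((name, "mode grants access to other users"))
    return problems

# Constructed sample data (the first two entries mirror the example playbook).
SAMPLE = [
    {"name": "foo.conf", "state": "absent"},
    {"name": "auth.conf", "state": "present", "mode": "0640",
     "content": "disable_plaintext_auth = yes\n"},
    {"name": "ssl.conf", "state": "present", "mode": "0644",
     "content": "ssl = required\n"},
    {"name": "../dovecot.conf", "state": "present", "mode": 640,
     "content": "listen = *\n"},
    {"name": "quota.conf", "state": "enabled"},
]

if __name__ == "__main__":
    for name, problem in check_fragments(SAMPLE):
        print(f"{name}: {problem}")
```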

FreeBSD

| Variable | Default |
|----------|---------|
| `__dovecot_user` | `dovecot` |
| `__dovecot_group` | `dovecot` |
| `__dovecot_conf_dir` | `/usr/local/etc/dovecot` |
| `__dovecot_service` | `dovecot` |
| `__dovecot_package` | `mail/dovecot` |
| `__dovecot_base_dir` | `/var/run/dovecot` |
| `__dovecot_login_class` | `""` |

OpenBSD

| Variable | Default |
|----------|---------|
| `__dovecot_user` | `_dovecot` |
| `__dovecot_group` | `_dovecot` |
| `__dovecot_conf_dir` | `/etc/dovecot` |
| `__dovecot_service` | `dovecot` |
| `__dovecot_package` | `dovecot` |
| `__dovecot_base_dir` | `/var/run/dovecot` |
| `__dovecot_login_class` | see below |

dovecot:\
  :openfiles-cur=512:\
  :openfiles-max=2048:\
  :tc=daemon:

Debian

| Variable | Default |
|----------|---------|
| `__dovecot_user` | `dovecot` |
| `__dovecot_group` | `dovecot` |
| `__dovecot_conf_dir` | `/etc/dovecot` |
| `__dovecot_service` | `dovecot` |
| `__dovecot_package` | `dovecot-core` |
| `__dovecot_base_dir` | `/var/run/dovecot` |
| `__dovecot_login_class` | `""` |

TLS/SSL Support

This role supports TLS/SSL by importing trombik.x509_certificate during the play. Make sure to include it in requirements.yml, and set dovecot_include_role_x509_certificate to yes.

Check tests/serverspec/default.yml for an example.

Dependencies

None

Example Playbook

- hosts: localhost
  roles:
    - ansible-role-dovecot
  vars:
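    # Test setting: allows the x509_certificate role to log sensitive values,
    # the private key included. Leave it at the default outside tests.
    x509_certificate_debug_log: yes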
    x509_certificate:
      - name: dovecot
        state: present
        public:
          path: "{{ dovecot_conf_dir }}/ssl/dovecot_pub.pem"
          owner: "{{ dovecot_user }}"
          key: |
            -----BEGIN CERTIFICATE-----
            (your certificate here)
            -----END CERTIFICATE-----
        # Keep the real private key in Ansible Vault rather than in plain text.
        secret:
          path: "{{ dovecot_conf_dir }}/ssl/dovecot_key.pem"
          owner: "{{ dovecot_user }}"
          key: |
            -----BEGIN RSA PRIVATE KEY-----
            (your private key here)
            -----END RSA PRIVATE KEY-----
    dovecot_include_role_x509_certificate: true
    dovecot_extra_packages: "{% if ansible_os_family == 'Debian' %}[ 'dovecot-imapd' ]{% else %}[]{% endif %}"
    dovecot_extra_groups: "{% if ansible_os_family == 'Debian' %}[ 'nogroup' ]{% else %}[ 'nobody' ]{% endif %}"
    dovecot_config: |
      protocols = {% if ansible_os_family == 'Debian' %}imap{% else %}imaps{% endif %}
      listen = *
      base_dir = "{{ dovecot_base_dir }}"
      {% for i in dovecot_config_fragments %}
      {% if i.state == 'present' %}
      !include {{ dovecot_confd_dir }}/{{ i.name }}
      {% endif %}
      {% endfor %}

    dovecot_config_fragments:
      - name: foo.conf
        state: absent
      - name: auth.conf
        state: present
        mode: "0640"
        content: |
          disable_plaintext_auth = yes
          passdb {
            driver = {% if ansible_os_family == 'FreeBSD' or ansible_os_family == 'Debian' %}pam{% elif ansible_os_family == 'OpenBSD' %}bsdauth{% endif %}
          }
          userdb {
            driver = passwd
          }
      - name: ssl.conf
        state: present
        mode: "0640"
        content: |
          {% if ansible_os_family == 'Debian' %}
          service imap-login {
            inet_listener imap {
              port = 0
            }
          }
          {% endif %}
          ssl = required
          ssl_cert = <{{ dovecot_conf_dir }}/ssl/dovecot_pub.pem
          ssl_key = <{{ dovecot_conf_dir }}/ssl/dovecot_key.pem

License

Copyright (c) 2017 Tomoyuki Sakurai <[email protected]>

You are free to use, copy, modify, and share this software for any purpose, with or without fee, as long as this copyright notice and permission appear in all copies.

THIS SOFTWARE IS PROVIDED "AS IS" WITHOUT ANY WARRANTIES. THE AUTHOR IS NOT LIABLE FOR ANY DAMAGES.

Author Information

Tomoyuki Sakurai y@trombik.org

This README was created by qansible

Project information

Configures dovecot

Install
ansible-galaxy install trombik.dovecot
License
isc
Downloads
449
Owner
PGP finger print: 03EB 3D97 5E04 9B0C AB21 93A2 D693 42A9 EFBC 3577 Makerspace and Coliving in Siem Reap, Cambodia: http://info.mkrsgh.org/