Page MenuHomeDevCentral

D3364.id8708.diff
No OneTemporary

D3364.id8708.diff

diff --git a/pillar/mailserver/dovecot.sls b/pillar/mailserver/dovecot.sls
new file mode 100644
--- /dev/null
+++ b/pillar/mailserver/dovecot.sls
@@ -0,0 +1,12 @@
+# -------------------------------------------------------------
+# Salt — Dovecot Configuration
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+dovecot_config:
+ db:
+ service: db-A
+ database: mail
+ credential: dbserver/cluster-A/users/dovecot
diff --git a/pillar/top.sls b/pillar/top.sls
--- a/pillar/top.sls
+++ b/pillar/top.sls
@@ -53,6 +53,7 @@
hervil:
- mailserver.vimbadmin
+ - mailserver.dovecot
ysul:
- devserver.repos
diff --git a/roles/mailserver/dovecot/files/conf.d/10-auth.conf b/roles/mailserver/dovecot/files/conf.d/10-auth.conf
new file mode 100644
--- /dev/null
+++ b/roles/mailserver/dovecot/files/conf.d/10-auth.conf
@@ -0,0 +1,18 @@
+# -------------------------------------------------------------
+# Dovecot configuration
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# License: Trivial work, not eligible to copyright
+# Source file: roles/mailserver/dovecot/files/conf.d/10-auth.conf
+# -------------------------------------------------------------
+#
+# <auto-generated>
+# This file is managed by our rOPS SaltStack repository.
+#
+# Changes to this file may cause incorrect behavior
+# and will be lost if the state is redeployed.
+# </auto-generated>
+
+auth_mechanisms = plain login
+
+!include auth-sql.conf.ext
diff --git a/roles/mailserver/dovecot/files/conf.d/10-mail.conf b/roles/mailserver/dovecot/files/conf.d/10-mail.conf
new file mode 100644
--- /dev/null
+++ b/roles/mailserver/dovecot/files/conf.d/10-mail.conf
@@ -0,0 +1,18 @@
+# -------------------------------------------------------------
+# Dovecot configuration
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# License: Trivial work, not eligible to copyright
+# Source file: roles/mailserver/dovecot/files/conf.d/10-mail.conf
+# -------------------------------------------------------------
+#
+# <auto-generated>
+# This file is managed by our rOPS SaltStack repository.
+#
+# Changes to this file may cause incorrect behavior
+# and will be lost if the state is redeployed.
+# </auto-generated>
+
+mail_location = maildir:{{ mailbox.dir }}
+
+mail_plugins = quota
diff --git a/roles/mailserver/dovecot/files/conf.d/10-master.conf b/roles/mailserver/dovecot/files/conf.d/10-master.conf
new file mode 100644
--- /dev/null
+++ b/roles/mailserver/dovecot/files/conf.d/10-master.conf
@@ -0,0 +1,31 @@
+# -------------------------------------------------------------
+# Dovecot configuration
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# License: Trivial work, not eligible to copyright
+# Source file: roles/mailserver/dovecot/files/conf.d/10-master.conf
+# -------------------------------------------------------------
+#
+# <auto-generated>
+# This file is managed by our rOPS SaltStack repository.
+#
+# Changes to this file may cause incorrect behavior
+# and will be lost if the state is redeployed.
+# </auto-generated>
+
+# Postfix smtp-auth
+service auth {
+ unix_listener /var/spool/postfix/private/auth {
+ mode = 0660
+ user = postfix
+ group = postfix
+ }
+}
+
+service lmtp {
+ unix_listener /var/spool/postfix/private/dovecot-lmtp {
+ group = postfix
+ mode = 0600
+ user = postfix
+ }
+}
diff --git a/roles/mailserver/dovecot/files/conf.d/10-ssl.conf b/roles/mailserver/dovecot/files/conf.d/10-ssl.conf
new file mode 100644
--- /dev/null
+++ b/roles/mailserver/dovecot/files/conf.d/10-ssl.conf
@@ -0,0 +1,19 @@
+# -------------------------------------------------------------
+# Dovecot configuration
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# License: Trivial work, not eligible to copyright
+# Source file: roles/mailserver/dovecot/files/conf.d/10-ssl.conf
+# -------------------------------------------------------------
+#
+# <auto-generated>
+# This file is managed by our rOPS SaltStack repository.
+#
+# Changes to this file may cause incorrect behavior
+# and will be lost if the state is redeployed.
+# </auto-generated>
+
+ssl_cert = </usr/local/etc/letsencrypt/live/mail.nasqueron.org/fullchain.pem
+ssl_key = </usr/local/etc/letsencrypt/live/mail.nasqueron.org/privkey.pem
+
+ssl = required
diff --git a/roles/mailserver/dovecot/files/conf.d/auth-sql.conf.ext b/roles/mailserver/dovecot/files/conf.d/auth-sql.conf.ext
new file mode 100644
--- /dev/null
+++ b/roles/mailserver/dovecot/files/conf.d/auth-sql.conf.ext
@@ -0,0 +1,24 @@
+# -------------------------------------------------------------
+# Dovecot configuration
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# License: Trivial work, not eligible to copyright
+# Source file: roles/mailserver/dovecot/files/conf.d/auth-sql.conf.ext
+# -------------------------------------------------------------
+#
+# <auto-generated>
+# This file is managed by our rOPS SaltStack repository.
+#
+# Changes to this file may cause incorrect behavior
+# and will be lost if the state is redeployed.
+# </auto-generated>
+
+passdb {
+ driver = sql
+ args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
+}
+
+userdb {
+ driver = sql
+ args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
+}
diff --git a/roles/mailserver/dovecot/files/dovecot-sql.conf.ext b/roles/mailserver/dovecot/files/dovecot-sql.conf.ext
new file mode 100644
--- /dev/null
+++ b/roles/mailserver/dovecot/files/dovecot-sql.conf.ext
@@ -0,0 +1,35 @@
+# -------------------------------------------------------------
+# Dovecot configuration
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# License: Trivial work, not eligible to copyright
+# Source file: roles/mailserver/dovecot/files/dovecot-sql.conf.ext
+# -------------------------------------------------------------
+#
+# <auto-generated>
+# This file is managed by our rOPS SaltStack repository.
+#
+# Changes to this file may cause incorrect behavior
+# and will be lost if the state is redeployed.
+# </auto-generated>
+
+driver = pgsql
+
+connect = \
+ host={{ db.hostname }} \
+ dbname={{ db.name }} \
+ user={{ db.user }} \
+ password={{ db.password }}
+
+default_pass_scheme = CRYPT
+
+password_query = SELECT username as user, password as password, \
+ homedir AS userdb_home, maildir AS userdb_mail, \
+ concat('*:bytes=', quota) as userdb_quota_rule, uid AS userdb_uid, gid AS userdb_gid \
+ FROM mailbox \
+ WHERE username = '%Lu' AND active = '1' \
+ AND ( access_restriction = 'ALL' OR POSITION( '%Us' IN access_restriction ) > 0 )
+
+user_query = SELECT homedir AS home, maildir AS mail, \
+ concat('*:bytes=', quota) as quota_rule, uid, gid \
+ FROM mailbox WHERE username = '%u'
diff --git a/roles/mailserver/dovecot/files/dovecot.conf b/roles/mailserver/dovecot/files/dovecot.conf
new file mode 100644
--- /dev/null
+++ b/roles/mailserver/dovecot/files/dovecot.conf
@@ -0,0 +1,16 @@
+# -------------------------------------------------------------
+# dovecot main configuration
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# License: Trivial work, not eligible to copyright
+# Source file: roles/mailserver/dovecot/files/dovecot.conf
+# -------------------------------------------------------------
+#
+# <auto-generated>
+# This file is managed by our rOPS SaltStack repository.
+#
+# Changes to this file may cause incorrect behavior
+# and will be lost if the state is redeployed.
+# </auto-generated>
+
+!include conf.d/*.conf
diff --git a/roles/mailserver/dovecot/init.sls b/roles/mailserver/dovecot/init.sls
new file mode 100644
--- /dev/null
+++ b/roles/mailserver/dovecot/init.sls
@@ -0,0 +1,52 @@
+# -------------------------------------------------------------
+# Salt — Provision dovecot Config
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+{% from "map.jinja" import dirs with context %}
+{% set db = pillar["dovecot_config"]["db"] %}
+
+
+dovecot:
+ pkg.installed
+
+{{ dirs.etc }}/dovecot/conf.d:
+ file.directory:
+ - mode: 755
+ - user: root
+ - group: wheel
+ - makedirs: True
+
+{{ dirs.etc }}/dovecot/dovecot.conf:
+ file.managed:
+ - source: salt://roles/mailserver/dovecot/files/dovecot.conf
+ - template: jinja
+
+{{ dirs.etc }}/dovecot/dovecot-sql.conf.ext:
+ file.managed:
+ - source: salt://roles/mailserver/dovecot/files/dovecot-sql.conf.ext
+ - template: jinja
+ - mode: 400
+ - context:
+ db:
+ hostname: {{ pillar["nasqueron_services"][db["service"]] }}
+ name: {{ db["database"] }}
+ password: {{ salt["credentials.get_password"](db["credential"]) }}
+ user: {{ salt["credentials.get_username"](db["credential"]) }}
+
+dovecot_file_config_conf_d:
+ file.recurse:
+ - source: salt://roles/mailserver/dovecot/files/conf.d
+ - name: {{ dirs.etc }}/dovecot/conf.d
+ - file_mode: 755
+ - dir_mode: 755
+ - context:
+ db:
+ hostname: {{ pillar["nasqueron_services"][db["service"]] }}
+ name: {{ db["database"] }}
+ password: {{ salt["credentials.get_password"](db["credential"]) }}
+ user: {{ salt["credentials.get_username"](db["credential"]) }}
+ mailbox:
+ dir: /var/mail/_virtual

File Metadata

Mime Type
text/plain
Expires
Sat, Nov 23, 11:23 (17 h, 25 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2257847
Default Alt Text
D3364.id8708.diff (9 KB)

Event Timeline