Adapted from https://gist.github.com/barryo/8918488:

dovecot-sql.conf.ext SQL queries

PostgreSQL query for password:

password_query = SELECT username as user, password as password, \
        homedir AS userdb_home, maildir AS userdb_mail, \
        concat('*:bytes=', quota) as userdb_quota_rule, uid AS userdb_uid, gid AS userdb_gid \
    FROM mailbox \
    WHERE username = '%Lu' AND active = '1' \
          AND ( access_restriction = 'ALL' OR POSITION( '%Us' IN access_restriction ) > 0 )

The MySQL user query can be used as is:

user_query = SELECT homedir AS home, maildir AS mail, \
        concat('*:bytes=', quota) as quota_rule, uid, gid \
    FROM mailbox WHERE username = '%u'

Also, we need to declare Dovecot ports at https://netbox.nasqueron.org/virtualization/virtual-machines/10/ services table (on the public IP)

An example of custom port build: https://devcentral.nasqueron.org/source/operations/browse/main/roles/dbserver-pgsql/server/build.sls

We also need a monitoring script to detect those cases:

Oct 7 00:47:06 hervil dovecot[28342]: imap-login: Fatal: Dovecot version mismatch: Master is v2.3.21, imap-login is v2.3.21.1 (if you don't care, set version_ignore=yes)
Oct 7 00:51:02 hervil dovecot[28342]: pop3-login: Fatal: Dovecot version mismatch: Master is v2.3.21, pop3-login is v2.3.21.1 (if you don't care, set version_ignore=yes)

(And to answer the note in the log message, I guess yes we care as if they log that, those should be kept in sync).

We'll see that scenario each time we update Dovecot, and before the restart.