In this task we will install and configure dovecot
Actions remaining:
- Custom build for FreeBSD ports
- Monitoring for version mismatch
In this task we will install and configure dovecot
Actions remaining:
rOPS Nasqueron Operations | |||
D3627 | rOPS98cf593bab0b Provision custom build of dovecot | ||
D3491 | rOPSdbe475c01f7d Substitute Jinja variables in Dovecot configuration | ||
D3414 | rOPS06ca92809755 Declare Dovecot unit in mailserver role | ||
D3413 | rOPS669268298639 Start Dovecot on boot | ||
D3364 | rOPSf6419f2b78d8 Provisioning Dovecot Config | ||
D3375 | rOPSfc0d46d845df Configure pg_HBA for dovecot user | ||
D3365 | rOPS8919c2cb98b1 Create PostgreSQL credentials for Dovecot |
Status | Subtype | Assigned | Task | ||
---|---|---|---|---|---|
Wontfix | dereckson | T4 Setup fauve services | |||
Open | None | T1476 Host @wolfplex.be mail | |||
Open | Epic | DorianWinty | T1475 Provision a mail server | ||
Open | DorianWinty | T1931 Dovecot Provisioning | |||
Resolved | DorianWinty | T1987 Dovecot Metrics | |||
Resolved | dereckson | T2047 Dovecot :stats listen to world on port 9900 |
Adapted from https://gist.github.com/barryo/8918488:
dovecot-sql.conf.ext SQL queries
PostgreSQL query for password:
password_query = SELECT username as user, password as password, \ homedir AS userdb_home, maildir AS userdb_mail, \ concat('*:bytes=', quota) as userdb_quota_rule, uid AS userdb_uid, gid AS userdb_gid \ FROM mailbox \ WHERE username = '%Lu' AND active = '1' \ AND ( access_restriction = 'ALL' OR POSITION( '%Us' IN access_restriction ) > 0 )
The MySQL user query can be used as is:
user_query = SELECT homedir AS home, maildir AS mail, \ concat('*:bytes=', quota) as quota_rule, uid, gid \ FROM mailbox WHERE username = '%u'
Also, we need to declare Dovecot ports at https://netbox.nasqueron.org/virtualization/virtual-machines/10/ services table (on the public IP)
We should build the dovecot package with pgsql support so we need to build it with PORTS
An example of custom port build: https://devcentral.nasqueron.org/source/operations/browse/main/roles/dbserver-pgsql/server/build.sls
We also need a monitoring script to detect those cases:
Oct 7 00:47:06 hervil dovecot[28342]: imap-login: Fatal: Dovecot version mismatch: Master is v2.3.21, imap-login is v2.3.21.1 (if you don't care, set version_ignore=yes)
Oct 7 00:51:02 hervil dovecot[28342]: pop3-login: Fatal: Dovecot version mismatch: Master is v2.3.21, pop3-login is v2.3.21.1 (if you don't care, set version_ignore=yes)
(And to answer the note in the log message, I guess yes we care as if they log that, those should be kept in sync).
We'll see that scenario each time we update Dovecot, and before the restart.
Monitoring could be as simple as:`
tail -n100 /var/log/mail... | grep -q "Dovecot version mismatch" && echo "Dovecot versions don't match" 1>&2 && exit 2