bundles/dovecot: introduce
This commit is contained in:
parent
f42dda5961
commit
18b573a9c6
7 changed files with 286 additions and 0 deletions
5
bundles/dovecot/files/dovecot-sql.conf
Normal file
5
bundles/dovecot/files/dovecot-sql.conf
Normal file
|
@ -0,0 +1,5 @@
|
|||
connect = host=localhost dbname=${dbname} user=${dbuser} password=${dbpass}
|
||||
driver = pgsql
|
||||
default_pass_scheme = MD5-CRYPT
|
||||
password_query = SELECT username as user, password FROM mailbox WHERE username = '%u' AND active = true
|
||||
user_query = SELECT '/var/mail/vmail' || maildir as home, 65534 as uid, 65534 as gid FROM mailbox WHERE username = '%u' AND active = true
|
130
bundles/dovecot/files/dovecot.conf
Normal file
130
bundles/dovecot/files/dovecot.conf
Normal file
|
@ -0,0 +1,130 @@
|
|||
!include conf.d/*.conf
|
||||
|
||||
namespace inbox {
|
||||
type = private
|
||||
inbox = yes
|
||||
location =
|
||||
mailbox Drafts {
|
||||
auto = subscribe
|
||||
special_use = \Drafts
|
||||
}
|
||||
mailbox Junk {
|
||||
auto = subscribe
|
||||
special_use = \Junk
|
||||
}
|
||||
mailbox Sent {
|
||||
auto = subscribe
|
||||
special_use = \Sent
|
||||
}
|
||||
mailbox Trash {
|
||||
auto = subscribe
|
||||
special_use = \Trash
|
||||
}
|
||||
prefix =
|
||||
}
|
||||
|
||||
mail_location = maildir:/var/mail/vmail/%d/%n
|
||||
protocols = imap lmtp sieve
|
||||
|
||||
ssl = yes
|
||||
ssl_cert = </var/lib/dehydrated/certs/${node.metadata['postfix']['myhostname']}/fullchain.pem
|
||||
ssl_key = </var/lib/dehydrated/certs/${node.metadata['postfix']['myhostname']}/privkey.pem
|
||||
ssl_dh = </etc/dovecot/ssl/dhparam.pem
|
||||
|
||||
login_greeting = IMAPd ready
|
||||
auth_mechanisms = plain login
|
||||
first_valid_uid = 65534
|
||||
disable_plaintext_auth = yes
|
||||
mail_plugins = $mail_plugins zlib
|
||||
|
||||
plugin {
|
||||
zlib_save_level = 6
|
||||
zlib_save = gz
|
||||
|
||||
sieve_plugins = sieve_imapsieve sieve_extprograms
|
||||
sieve_dir = /var/mail/vmail/sieve/%d/%n/
|
||||
sieve = /var/mail/vmail/sieve/%d/%n.sieve
|
||||
sieve_pipe_bin_dir = /var/mail/vmail/sieve/bin
|
||||
sieve_extensions = +vnd.dovecot.pipe
|
||||
|
||||
% if node.has_bundle('rspamd'):
|
||||
sieve_before = /var/mail/vmail/sieve/global/spam-global.sieve
|
||||
|
||||
# From elsewhere to Spam folder
|
||||
imapsieve_mailbox1_name = Junk
|
||||
imapsieve_mailbox1_causes = COPY
|
||||
imapsieve_mailbox1_before = file:/var/mail/vmail/sieve/global/learn-spam.sieve
|
||||
|
||||
# From Spam folder to elsewhere
|
||||
imapsieve_mailbox2_name = *
|
||||
imapsieve_mailbox2_from = Junk
|
||||
imapsieve_mailbox2_causes = COPY
|
||||
imapsieve_mailbox2_before = file:/var/mail/vmail/sieve/global/learn-ham.sieve
|
||||
% endif
|
||||
}
|
||||
|
||||
service auth {
|
||||
unix_listener /var/spool/postfix/private/auth {
|
||||
mode = 0660
|
||||
user = postfix
|
||||
group = postfix
|
||||
}
|
||||
|
||||
unix_listener auth-userdb {
|
||||
mode = 0660
|
||||
user = nobody
|
||||
group = nogroup
|
||||
}
|
||||
}
|
||||
|
||||
service lmtp {
|
||||
unix_listener /var/spool/postfix/private/dovecot-lmtp {
|
||||
group = postfix
|
||||
mode = 0600
|
||||
user = postfix
|
||||
}
|
||||
}
|
||||
|
||||
service imap {
|
||||
executable = imap
|
||||
}
|
||||
|
||||
service imap-login {
|
||||
service_count = 1
|
||||
process_min_avail = 8
|
||||
vsz_limit = 64M
|
||||
}
|
||||
|
||||
service managesieve-login {
|
||||
inet_listener sieve {
|
||||
port = 4190
|
||||
}
|
||||
}
|
||||
|
||||
userdb {
|
||||
driver = sql
|
||||
args = /etc/dovecot/dovecot-sql.conf
|
||||
}
|
||||
|
||||
passdb {
|
||||
driver = sql
|
||||
args = /etc/dovecot/dovecot-sql.conf
|
||||
}
|
||||
|
||||
protocol lmtp {
|
||||
mail_plugins = $mail_plugins sieve
|
||||
postmaster_address = ${admin_email}
|
||||
}
|
||||
|
||||
protocol imap {
|
||||
mail_plugins = $mail_plugins imap_zlib imap_sieve
|
||||
mail_max_userip_connections = 50
|
||||
imap_idle_notify_interval = 29 mins
|
||||
}
|
||||
|
||||
protocol sieve {
|
||||
plugin {
|
||||
sieve = /var/mail/vmail/sieve/%d/%n.sieve
|
||||
sieve_storage = /var/mail/vmail/sieve/%d/%n/
|
||||
}
|
||||
}
|
15
bundles/dovecot/files/learn-ham.sieve
Normal file
15
bundles/dovecot/files/learn-ham.sieve
Normal file
|
@ -0,0 +1,15 @@
|
|||
require ["vnd.dovecot.pipe", "copy", "imapsieve", "environment", "variables"];
|
||||
|
||||
if environment :matches "imap.mailbox" "*" {
|
||||
set "mailbox" "${1}";
|
||||
}
|
||||
|
||||
if string "${mailbox}" "Trash" {
|
||||
stop;
|
||||
}
|
||||
|
||||
if environment :matches "imap.user" "*" {
|
||||
set "username" "${1}";
|
||||
}
|
||||
|
||||
pipe :copy "sa-learn-ham.sh" [ "${username}" ];
|
7
bundles/dovecot/files/learn-spam.sieve
Normal file
7
bundles/dovecot/files/learn-spam.sieve
Normal file
|
@ -0,0 +1,7 @@
|
|||
require ["vnd.dovecot.pipe", "copy", "imapsieve", "environment", "variables"];
|
||||
|
||||
if environment :matches "imap.user" "*" {
|
||||
set "username" "${1}";
|
||||
}
|
||||
|
||||
pipe :copy "sa-learn-spam.sh" [ "${username}" ];
|
11
bundles/dovecot/files/spam-global.sieve
Normal file
11
bundles/dovecot/files/spam-global.sieve
Normal file
|
@ -0,0 +1,11 @@
|
|||
require ["fileinto", "imap4flags"];
|
||||
|
||||
if header :contains "X-Spam-Flag" "YES" {
|
||||
setflag "\\seen";
|
||||
fileinto "Junk";
|
||||
}
|
||||
|
||||
if header :contains "X-Spam" "Yes" {
|
||||
setflag "\\seen";
|
||||
fileinto "Junk";
|
||||
}
|
66
bundles/dovecot/items.py
Normal file
66
bundles/dovecot/items.py
Normal file
|
@ -0,0 +1,66 @@
|
|||
# Postfix bundle creates metadata and directories which are also used
|
||||
# by this bundle
|
||||
assert node.has_bundle('postfix')
|
||||
|
||||
files = {
|
||||
'/etc/dovecot/dovecot.conf': {
|
||||
'content_type': 'mako',
|
||||
'context': {
|
||||
'admin_email': node.metadata['dovecot']['admin_email'],
|
||||
},
|
||||
'needs': {
|
||||
'pkg_apt:'
|
||||
},
|
||||
'triggers': {
|
||||
'svc_systemd:dovecot:restart',
|
||||
},
|
||||
},
|
||||
'/etc/dovecot/dovecot-sql.conf': {
|
||||
'content_type': 'mako',
|
||||
'context': node.metadata['dovecot']['database'],
|
||||
'needs': {
|
||||
'pkg_apt:'
|
||||
},
|
||||
'triggers': {
|
||||
'svc_systemd:dovecot:restart',
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
actions = {
|
||||
'dovecot_generate_dhparam': {
|
||||
'command': 'openssl dhparam -out /etc/dovecot/ssl/dhparam.pem 2048',
|
||||
'unless': 'test -f /etc/dovecot/ssl/dhparam.pem',
|
||||
'cascade_skip': False,
|
||||
'needs': {
|
||||
'pkg_apt:'
|
||||
},
|
||||
'triggers': {
|
||||
'svc_systemd:dovecot:restart',
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
svc_systemd = {
|
||||
'dovecot': {
|
||||
'needs': {
|
||||
'action:dovecot_generate_dhparam',
|
||||
'file:/etc/dovecot/dovecot.conf',
|
||||
'file:/etc/dovecot/dovecot-sql.conf',
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
if node.has_bundle('rspamd'):
|
||||
files['/var/mail/vmail/sieve/global/learn-ham.sieve'] = {
|
||||
'owner': 'nobody',
|
||||
'group': 'nogroup',
|
||||
}
|
||||
files['/var/mail/vmail/sieve/global/learn-spam.sieve'] = {
|
||||
'owner': 'nobody',
|
||||
'group': 'nogroup',
|
||||
}
|
||||
files['/var/mail/vmail/sieve/global/spam-global.sieve'] = {
|
||||
'owner': 'nobody',
|
||||
'group': 'nogroup',
|
||||
}
|
52
bundles/dovecot/metadata.py
Normal file
52
bundles/dovecot/metadata.py
Normal file
|
@ -0,0 +1,52 @@
|
|||
defaults = {
|
||||
'apt': {
|
||||
'packages': {
|
||||
'dovecot-imapd': {},
|
||||
'dovecot-lmtpd': {},
|
||||
'dovecot-managesieved': {},
|
||||
'dovecot-pgsql': {},
|
||||
'dovecot-sieve': {},
|
||||
},
|
||||
},
|
||||
'icinga2_api': {
|
||||
'dovecot': {
|
||||
'services': {
|
||||
'DOVECOT PROCESS': {
|
||||
'command_on_monitored_host': '/usr/local/share/icinga/plugins/check_systemd_unit dovecot',
|
||||
},
|
||||
'IMAP CONNECT': {
|
||||
'check_command': 'check_imap',
|
||||
'vars.imap_port': 143,
|
||||
},
|
||||
'IMAPS CONNECT': {
|
||||
'check_command': 'check_imap',
|
||||
'vars.imap_port': 993,
|
||||
'vars.imap_ssl': True,
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
if node.has_bundle('postfixadmin'):
|
||||
defaults['dovecot'] = {
|
||||
'database': {
|
||||
'dbname': 'postfixadmin',
|
||||
'dbuser': 'postfixadmin',
|
||||
},
|
||||
}
|
||||
|
||||
|
||||
@metadata_reactor
|
||||
def import_database_settings_from_postfixadmin(metadata):
|
||||
if not node.has_bundle('postfixadmin'):
|
||||
raise DoNotRunAgain
|
||||
|
||||
return {
|
||||
'dovecot': {
|
||||
'admin_email': metadata.get('postfixadmin/admin_email'),
|
||||
'database': {
|
||||
'dbpass': metadata.get('postgresql/users/postfixadmin/password'),
|
||||
},
|
||||
},
|
||||
}
|
Loading…
Reference in a new issue