bundlewrap/bundles/dovecot/metadata.py

from bundlewrap.metadata import atomic

defaults = {
    'apt': {
        'packages': {
            'dovecot-fts-xapian': {},
            'dovecot-imapd': {},
            'dovecot-lmtpd': {},
            'dovecot-managesieved': {},
            'dovecot-pgsql': {},
            'dovecot-sieve': {},
        },
    },
    'icinga2_api': {
        'dovecot': {
            'services': {
                'DOVECOT PROCESS': {
                    'command_on_monitored_host': '/usr/local/share/icinga/plugins/check_systemd_unit dovecot',
                },
                'IMAP CONNECT': {
                    'check_command': 'check_imap',
                    'vars.imap_port': 143,
                    'vars.notification.sms': True,
                },
                'IMAPS CONNECT': {
                    'check_command': 'check_imap',
                    'vars.imap_port': 993,
                    'vars.imap_ssl': True,
                    'vars.notification.sms': True,
                },
            },
        },
    },
    'letsencrypt': {
        'reload_after': {
            'dovecot',
        },
    },
    'systemd-timers': {
        'timers': {
            'dovecot_fts_optimize': {
                'command': [
                    '/usr/bin/doveadm fts optimize -A',
                ],
                'when': '02:{}:00'.format(node.magic_number % 60),
            },
        },
    },
}

if node.has_bundle('postfixadmin'):
    defaults['dovecot'] = {
        'database': {
            'dbname': 'postfixadmin',
            'dbuser': 'postfixadmin',
        },
    }

if node.has_bundle('telegraf'):
    defaults['telegraf'] = {
        'input_plugins': {
            'builtin': {
                'dovecot': [{
                    'type': 'global',
                }],
            },
        },
    }


@metadata_reactor.provides(
    'dovecot/admin_email',
    'dovecot/database/dbpass',
)
def import_database_settings_from_postfixadmin(metadata):
    if not node.has_bundle('postfixadmin'):
        raise DoNotRunAgain

    return {
        'dovecot': {
            'admin_email': metadata.get('postfixadmin/admin_email'),
            'database': {
                'dbpass': metadata.get('postgresql/roles/postfixadmin/password'),
            },
        },
    }


@metadata_reactor.provides(
    'firewall/port_rules',
    'firewall/port_rules',
    'firewall/port_rules',
)
def firewall(metadata):
    return {
        'firewall': {
            'port_rules': {
                # imap(s)
                '143/tcp': atomic(metadata.get('dovecot/restrict-to', {'*'})),
                '993/tcp': atomic(metadata.get('dovecot/restrict-to', {'*'})),
                # managesieve
                '4190/tcp': atomic(metadata.get('dovecot/restrict-to', {'*'})),
            },
        },
    }