author | Malfurious <m@lfurio.us> | 2024-06-07 15:53:38 -0400 |
---|---|---|
committer | Malfurious <m@lfurio.us> | 2024-06-09 14:16:42 -0400 |
commit | 21cbfd354bc2586b26e1bcff00a388e50aa92bba (patch) | |
tree | f80b3f3647c6caf2f3e9a359f291536fae602d0e /dovecot | |
parent | 05dea2d2e10e01fa05ce3c689e9bd7d88e94d64a (diff) | |
Basic service configuration
Set up postfix and dovecot to work with virtual domains/mailboxes and
user accounts defined in the userconfig directory. Services are also
configured to use TLS certificates that will later be provided by the
nginx-proxy acme service.
Basic formatting and informative comments are added to config files.
Signed-off-by: Malfurious <m@lfurio.us>
Diffstat (limited to 'dovecot')
-rw-r--r-- | dovecot/dovecot.conf | 101 |
1 files changed, 20 insertions, 81 deletions
diff --git a/dovecot/dovecot.conf b/dovecot/dovecot.conf
index 7e9953f..19f5ebd 100644
--- a/dovecot/dovecot.conf
+++ b/dovecot/dovecot.conf
@@ -13,89 +13,28 @@
 # source/destination IPs by placing the settings inside sections, for example:
 # protocol imap { }, local 127.0.0.1 { }, remote 10.0.0.0/8 { }
-# Default values are shown for each setting, it's not required to uncomment
-# those. These are exceptions to this though: No sections (e.g. namespace {})
-# or plugin settings are added by default, they're listed only as examples.
-# Paths are also just examples with the real defaults being based on configure
-# options. The paths listed here are for configure --prefix=/usr
-# --sysconfdir=/etc --localstatedir=/var
+protocols = imap
+auth_mechanisms = plain
-# Enable installed protocols
-!include_try /usr/share/dovecot/protocols.d/*.protocol
+ssl_cert = </etc/certs/ENV_HOSTNAME/fullchain.pem
+ssl_key = </etc/certs/ENV_HOSTNAME/key.pem
+ssl_dh = </etc/certs/dhparam.pem
-# A comma separated list of IPs or hosts where to listen in for connections.
-# "*" listens in all IPv4 interfaces, "::" listens in all IPv6 interfaces.
-# If you want to specify non-default ports or anything more complex,
-# edit conf.d/master.conf.
-#listen = *, ::
-
-# Base directory where to store runtime data.
-#base_dir = /var/run/dovecot/
-
-# Name of this instance. In multi-instance setup doveadm and other commands
-# can use -i <instance_name> to select which instance is used (an alternative
-# to -c <config_path>). The instance name is also added to Dovecot processes
-# in ps output.
-#instance_name = dovecot
-
-# Greeting message for clients.
-#login_greeting = Dovecot ready.
-
-# Space separated list of trusted network ranges. Connections from these
-# IPs are allowed to override their IP addresses and ports (for logging and
-# for authentication checks). disable_plaintext_auth is also ignored for
-# these networks. Typically you'd specify your IMAP proxy servers here.
-#login_trusted_networks =
-
-# Space separated list of login access check sockets (e.g. tcpwrap)
-#login_access_sockets =
-
-# With proxy_maybe=yes if proxy destination matches any of these IPs, don't do
-# proxying. This isn't necessary normally, but may be useful if the destination
-# IP is e.g. a load balancer's IP.
-#auth_proxy_self =
-
-# Show more verbose process titles (in ps). Currently shows user name and
-# IP address. Useful for seeing who are actually using the IMAP processes
-# (eg. shared mailboxes or if same uid is used for multiple accounts).
-#verbose_proctitle = no
-
-# Should all processes be killed when Dovecot master process shuts down.
-# Setting this to "no" means that Dovecot can be upgraded without
-# forcing existing client connections to close (although that could also be
-# a problem if the upgrade is e.g. because of a security fix).
-#shutdown_clients = yes
-
-# If non-zero, run mail commands via this many connections to doveadm server,
-# instead of running them directly in the same process.
-#doveadm_worker_count = 0
-# UNIX socket or host:port used for connecting to doveadm server
-#doveadm_socket_path = doveadm-server
-
-# Space separated list of environment variables that are preserved on Dovecot
-# startup and passed down to all of its child processes. You can also give
-# key=value pairs to always set specific settings.
-#import_environment = TZ
-
-##
-## Dictionary server settings
-##
-
-# Dictionary can be used to store key=value lists. This is used by several
-# plugins. The dictionary can be accessed either directly or though a
-# dictionary server. The following dict block maps dictionary names to URIs
-# when the server is used. These can then be referenced using URIs in format
-# "proxy::<name>".
-
-dict {
- #quota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext
+# Users defined by the user-configured password file
+passdb {
+ driver = passwd-file
+ args = /etc/userconfig/passwd
+}
+userdb {
+ driver = passwd-file
+ args = /etc/userconfig/passwd
 }
-# Most of the actual configuration gets included below. The filenames are
-# first sorted by their ASCII value and parsed in that order. The 00-prefixes
-# in filenames are intended to make it easier to understand the ordering.
-!include conf.d/*.conf
-# A config file can also tried to be included without giving an error if
-# it's not found:
-!include_try local.conf
+# Location for users mailboxes
+# %u - username
+# %n - user part in user@domain, same as %u if there's no domain
+# %d - domain part in user@domain, empty if there's no domain
+# %h - home directory
+mail_home = /var/mail/vhost/%d/%n
+mail_location = maildir:~ |
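Review bot: TLS is never made mandatory for the PLAIN-only login configured here: the new lines set `auth_mechanisms = plain` and the certificate paths, but nothing in the hunk states the `ssl` policy, and the same hunk removes `!include conf.d/*.conf`, so anything conf.d used to set for TLS and authentication no longer applies. Unless these are set in a part of the file outside this hunk, the server runs on Dovecot's built-in defaults, which may leave TLS optional depending on the version; I would add `ssl = required` and `disable_plaintext_auth = yes` next to the `ssl_cert` lines so credentials are only accepted over an encrypted session, and consider pinning `ssl_min_protocol` as well. The `passdb` block also passes no `scheme=` argument, so a comment above it saying which password hash scheme `/etc/userconfig/passwd` is expected to contain, and that the file must not be world-readable, would help whoever maintains the user list.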