
dovecot.yml 3.3KB

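  # Installs and configures the Dovecot IMAP/POP3 server.
---
# Ansible task list. Module arguments are written as native YAML mappings
# and file modes as quoted strings, so neither Ansible's key=value parser
# nor YAML's octal handling can reinterpret a value.

- name: Install Dovecot and related packages
  apt:
    name: "{{ packages }}"
    state: present
  vars:
    packages:
      - dovecot-core
      - dovecot-imapd
      - dovecot-lmtpd
      - dovecot-managesieved
      - dovecot-pgsql
      - dovecot-pop3d
      - dovecot-antispam
  tags:
    - dependencies

# Dedicated group and account that own the mail store. The fixed gid/uid
# keep ownership stable, and the nologin shell means the account cannot be
# used for an interactive session.
- name: Create vmail group
  group:
    name: vmail
    state: present
    gid: 5000

- name: Create vmail user
  user:
    name: vmail
    group: vmail
    state: present
    uid: 5000
    home: /data
    shell: /usr/sbin/nologin

# Mail store hierarchy: /data/mail/<domain>/<account>. Every level is
# owned by vmail:dovecot with no access for other users.
- name: Ensure mail directory is in place
  file:
    state: directory
    path: /data/mail
    owner: vmail
    group: dovecot
    mode: "0770"

- name: Ensure mail domain directories are in place
  file:
    state: directory
    path: "/data/mail/{{ item.name }}"
    owner: vmail
    group: dovecot
    mode: "0770"
  with_items: "{{ virtual_domains }}"

# The mode is set explicitly here as well. Without it the per-account
# directories are created with the umask default instead of the 0770 used
# for the two levels above.
- name: Ensure mail directories are in place
  file:
    state: directory
    path: "/data/mail/{{ item.domain }}/{{ item.account }}"
    owner: vmail
    group: dovecot
    mode: "0770"
  with_items: "{{ mail_virtual_users }}"

# Notifies the restart handler like every other configuration task in this
# file, so a change to the main configuration file is actually picked up.
- name: Copy dovecot.conf into place
  copy:
    src: etc_dovecot_dovecot.conf
    dest: /etc/dovecot/dovecot.conf
  notify: restart dovecot

# NOTE(review): with recurse, mode 0770 is applied to every file below the
# directory too, which sets the execute bits on plain sieve scripts.
# Consider a symbolic mode such as "u=rwX,g=rwX,o=" if that is not intended.
- name: Create before.d sieve scripts directory
  file:
    path: /etc/dovecot/sieve/before.d
    state: directory
    owner: vmail
    group: dovecot
    recurse: true
    mode: "0770"
  notify: restart dovecot

- name: Configure sieve script moving spam into Junk folder
  copy:
    src: etc_dovecot_sieve_before.d_no-spam.sieve
    dest: /etc/dovecot/sieve/before.d/no-spam.sieve
    owner: vmail
    group: dovecot
  notify: restart dovecot

- name: Configure learning spam sieve script
  copy:
    src: etc_dovecot_sieve_learn_spam.sieve
    dest: /etc/dovecot/sieve/learn_spam.sieve
    owner: vmail
    group: dovecot
  notify: restart dovecot

- name: Configure learning ham sieve script
  copy:
    src: etc_dovecot_sieve_learn_ham.sieve
    dest: /etc/dovecot/sieve/learn_ham.sieve
    owner: vmail
    group: dovecot
  notify: restart dovecot

# Static conf.d fragments, copied verbatim from the role's files.
- name: Copy additional Dovecot configuration files in place
  copy:
    src: "etc_dovecot_conf.d_{{ item }}"
    dest: "/etc/dovecot/conf.d/{{ item }}"
  with_items:
    - 10-auth.conf
    - 10-mail.conf
    - 10-master.conf
    - 90-antispam.conf
    - 90-plugin.conf
    - 90-sieve.conf
    - auth-sql.conf.ext
  notify: restart dovecot

# conf.d fragments rendered from Jinja2 templates.
- name: Template additional Dovecot configuration files
  template:
    src: "etc_dovecot_conf.d_{{ item }}.j2"
    dest: "/etc/dovecot/conf.d/{{ item }}"
  with_items:
    - 10-ssl.conf
    - 15-lda.conf
    - 20-imap.conf
  notify: restart dovecot

# This file presumably carries the database connection settings, including
# credentials (the template is not visible here -- confirm). Owner, group
# and mode are set at write time so the file never sits at the umask
# default between this task and the recursive permissions task below.
# NOTE(review): 0770 mirrors what that recursive task enforces, so the two
# tasks do not fight over the mode; tightening it to 0660 means changing
# the recursive task as well.
- name: Template dovecot-sql.conf.ext
  template:
    src: etc_dovecot_dovecot-sql.conf.ext.j2
    dest: /etc/dovecot/dovecot-sql.conf.ext
    owner: vmail
    group: dovecot
    mode: "0770"
  notify: restart dovecot

# Final pass over /etc/dovecot: everything is owned by vmail:dovecot and
# other users get no access.
# NOTE(review): with recurse, mode 0770 also marks every configuration
# file executable; a symbolic mode such as "u=rwX,g=rwX,o=" would keep
# the directories traversable without doing that.
- name: Ensure correct permissions on Dovecot config directory
  file:
    state: directory
    path: /etc/dovecot
    group: dovecot
    owner: vmail
    mode: "0770"
    recurse: true
  notify: restart dovecot

# Only the imaps and pop3s service ports are opened by this task.
- name: Set firewall rules for dovecot
  ufw:
    rule: allow
    port: "{{ item }}"
    proto: tcp
  with_items:
    - imaps
    - pop3s
  tags: ufw

# Hook script that restarts Dovecot; the name and location suggest it runs
# after a certificate renewal so the new certificate is loaded. It is
# root-owned and writable by root only.
- name: Update post-certificate-renewal task
  copy:
    content: |
      #!/bin/bash

      service dovecot restart
    dest: /etc/letsencrypt/postrenew/dovecot.sh
    mode: "0755"
    owner: root
    group: root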