[dovecot] Updating the configuration and listening on the adm for the auth

certbot_on_virtu
_shirenn 2021-07-24 11:48:15 +02:00
parent fe4eab31da
commit cb673818f8
3 changed files with 14 additions and 8 deletions


@ -1,3 +1,8 @@
glob_dovecot: glob_dovecot:
ldap_dn: 'cn=dovecot,ou=service-users,dc=crans,dc=org' ldap:
uri: "ldap://{{ query('ldap', 'ip', 're2o-ldap', 'adm') | ipv4 | first }}/"
dn: 'cn=dovecot,ou=service-users,dc=crans,dc=org'
pass: "{{ vault.dovecot_dnpass }}"
users_base: 'cn=Utilisateurs,dc=crans,dc=org'
home_path: '/home_adh'
inet_listener: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ipwrap | join(', ') }}" inet_listener: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ipwrap | join(', ') }}"
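Review bot: The new `ldap.uri` value uses the `ldap://` scheme, so unless the Dovecot LDAP template enables `tls = yes` (not visible in the hunks shown), the `cn=dovecot` service bind and its `pass` value cross the adm network unencrypted, along with any user credentials checked against the directory. I would either switch the scheme to `ldaps://` here or turn on StartTLS in the template with `tls_require_cert = demand`, and record the choice next to the key, for example `# adm-network LDAP; transport protection is set in dovecot-ldap.conf (tls = yes)`. Separately, `| ipv4 | first` on an empty lookup result presumably renders a URI with no host, so a `default` or an assert on the lookup would make a missing `re2o-ldap` record fail at deploy time rather than at first login.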


@ -16,7 +16,7 @@ default_process_limit = 500
service imap-login { service imap-login {
inet_listener imap { inet_listener imap {
address = 127.0.0.1, {{ dovecot.inet_listener }} address = 127.0.0.1, [::1], {{ dovecot.inet_listener }}
port = 143 port = 143
} }
inet_listener imaps { inet_listener imaps {
@ -39,7 +39,7 @@ service imap-login {
service pop3-login { service pop3-login {
inet_listener pop3 { inet_listener pop3 {
address = 127.0.0.1, {{ dovecot.inet_listener }} address = 127.0.0.1, [::1], {{ dovecot.inet_listener }}
port = 110 port = 110
} }
inet_listener pop3s { inet_listener pop3s {
@ -119,6 +119,7 @@ service auth {
client_limit = 1024 client_limit = 1024
inet_listener { inet_listener {
address = 127.0.0.1, [::1], {{ dovecot.inet_listener }}
port = 4242 port = 4242
} }
} }
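Review bot: The `inet_listener` of `service auth` on port 4242 now binds the adm address as well as loopback, and nothing in this section says which adm hosts are meant to use it or limits who can. As far as I know a TCP auth listener has no client authentication of its own, so every host that can reach the port can submit authentication requests; the listener should be paired with a firewall rule and a comment such as `# auth over TCP for <consumer host>; port 4242 must be filtered to that host on adm`. If `dovecot.inet_listener` ever renders empty, the three `address = 127.0.0.1, [::1], {{ dovecot.inet_listener }}` lines end in a dangling comma, which is worth guarding in the template. The `service auth` block starts outside the hunk, so other listeners in it are not visible here.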


@ -18,14 +18,14 @@
# LDAP URIs to use. You can use this instead of hosts list. Note that this # LDAP URIs to use. You can use this instead of hosts list. Note that this
# setting isn't supported by all LDAP libraries. # setting isn't supported by all LDAP libraries.
uris = {{ ldap.uri }} uris = {{ dovecot.ldap.uri }}
# Distinguished Name - the username used to login to the LDAP server. # Distinguished Name - the username used to login to the LDAP server.
# Leave it commented out to bind anonymously (useful with auth_bind=yes). # Leave it commented out to bind anonymously (useful with auth_bind=yes).
dn = {{ dovecot.ldap_dn }} dn = {{ dovecot.ldap.dn }}
# Password for LDAP server, if dn is specified. # Password for LDAP server, if dn is specified.
dnpass = {{ vault.dovecot_dnpass }} dnpass = {{ dovecot.ldap.pass }}
# Use SASL binding instead of the simple binding. Note that this changes # Use SASL binding instead of the simple binding. Note that this changes
# ldap_version automatically to be 3 if it's lower. Also note that SASL binds # ldap_version automatically to be 3 if it's lower. Also note that SASL binds
@ -87,7 +87,7 @@ dnpass = {{ vault.dovecot_dnpass }}
# LDAP base. %variables can be used here. # LDAP base. %variables can be used here.
# For example: dc=mail, dc=example, dc=org # For example: dc=mail, dc=example, dc=org
base = {{ ldap.users_base }} base = {{ dovecot.ldap.users_base }}
# Dereference: never, searching, finding, always # Dereference: never, searching, finding, always
#deref = never #deref = never
@ -104,7 +104,7 @@ base = {{ ldap.users_base }}
# #
# There are also other special fields which can be returned, see # There are also other special fields which can be returned, see
# http://wiki2.dovecot.org/UserDatabase/ExtraFields # http://wiki2.dovecot.org/UserDatabase/ExtraFields
user_attrs = homeDirectory=home,uidNumber=uid,gidNumber=gid user_attrs = homeDirectory=home={{ dovecot.home_path }}/%u,uidNumber=uid,gidNumber=gid
# Filter for user lookup. Some variables can be used (see # Filter for user lookup. Some variables can be used (see