authorElizabeth Hunt <me@liz.coffee>2025-04-27 21:15:30 -0700
committerElizabeth Hunt <me@liz.coffee>2025-04-27 21:25:52 -0700
commitdaef0cf448af17357b552245f39067a9d340ce3d (patch)
treef65a660f7232f057b0c14e477c166006bfb83f87 /playbooks/roles/mail/templates/volumes/data/dms/config
parent1dcdfe34a74708f88aad68af965f4bb5c79adff1 (diff)
downloadinfra-daef0cf448af17357b552245f39067a9d340ce3d.tar.gz
infra-daef0cf448af17357b552245f39067a9d340ce3d.zip
Waow
Diffstat (limited to 'playbooks/roles/mail/templates/volumes/data/dms/config')
-rw-r--r--playbooks/roles/mail/templates/volumes/data/dms/config/dovecot.cf27
-rw-r--r--playbooks/roles/mail/templates/volumes/data/dms/config/postfix-master.cf3
-rwxr-xr-xplaybooks/roles/mail/templates/volumes/data/dms/config/user-patches.sh13
3 files changed, 37 insertions, 6 deletions
diff --git a/playbooks/roles/mail/templates/volumes/data/dms/config/dovecot.cf b/playbooks/roles/mail/templates/volumes/data/dms/config/dovecot.cf
new file mode 100644
index 0000000..62d0550
--- /dev/null
+++ b/playbooks/roles/mail/templates/volumes/data/dms/config/dovecot.cf
@@ -0,0 +1,27 @@
+haproxy_trusted_networks = {{ homelab_network }}
+
+service imap-login {
+ inet_listener imap {
+ haproxy = yes
+ }
+
+ inet_listener imaps {
+ haproxy = yes
+ }
+}
+
+service pop3-login {
+ inet_listener pop3 {
+ haproxy = yes
+ }
+
+ inet_listener pop3s {
+ haproxy = yes
+ }
+}
+
+service managesieve-login {
+ inet_listener sieve {
+ haproxy = yes
+ }
+}
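Review bot: `haproxy_trusted_networks = {{ homelab_network }}` on the first line trusts every host in that range to supply a PROXY header, and with `haproxy = yes` on all five listeners the client address such a host claims is the one Dovecot records and uses for any address-based login checks. The value of `homelab_network` is not visible here; if it is the whole LAN range, narrow the setting to the proxy's own address, e.g. `haproxy_trusted_networks = {{ mail_proxy_address }}` (placeholder name for a variable this role would define). A comment above the setting naming the host that fronts these listeners would also help, since clients that connect directly without a PROXY header will no longer be accepted on them.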
diff --git a/playbooks/roles/mail/templates/volumes/data/dms/config/postfix-master.cf b/playbooks/roles/mail/templates/volumes/data/dms/config/postfix-master.cf
new file mode 100644
index 0000000..1885f4d
--- /dev/null
+++ b/playbooks/roles/mail/templates/volumes/data/dms/config/postfix-master.cf
@@ -0,0 +1,3 @@
+smtp/inet/postscreen_upstream_proxy_protocol=haproxy
+submission/inet/smtpd_upstream_proxy_protocol=haproxy
+submissions/inet/smtpd_upstream_proxy_protocol=haproxy
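Review bot: These three overrides make postscreen and smtpd accept a PROXY header from whichever peer connects, and unlike the Dovecot side Postfix has no setting that limits which peers may send one, so a client that can reach the smtp, submission or submissions listeners directly can state an arbitrary source address. That address then feeds the logs and any client-address restrictions such as `mynetworks`. Nothing in this diff shows how the ports are published, so confirm they are reachable only from the proxy (firewall or container network). If the loader for this file tolerates comment lines, record the requirement at the top, e.g. `# PROXY protocol: these listeners must only be reachable from the reverse proxy`.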
diff --git a/playbooks/roles/mail/templates/volumes/data/dms/config/user-patches.sh b/playbooks/roles/mail/templates/volumes/data/dms/config/user-patches.sh
index c62753f..1749499 100755
--- a/playbooks/roles/mail/templates/volumes/data/dms/config/user-patches.sh
+++ b/playbooks/roles/mail/templates/volumes/data/dms/config/user-patches.sh
@@ -3,7 +3,13 @@
postconf -e 'smtpd_sasl_type = dovecot'
postconf -e 'smtpd_sasl_path = /dev/shm/sasl-auth.sock'
postconf -e 'smtpd_sasl_auth_enable = yes'
-postconf -e 'broken_sasl_auth_clients = yes'
+postconf -e 'broken_sasl_auth_clients = no'
+postconf -e 'smtpd_tls_auth_only = yes'
+postconf -e 'smtpd_tls_security_level = encrypt'
+
+postconf -e 'postscreen_bare_newline_enable = no'
+postconf -e 'postscreen_non_smtp_command_enable = no'
+postconf -e 'postscreen_pipelining_enable = no'
postconf -e 'smtp_tls_wrappermode = yes' # for relay
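Review bot: `postconf -e 'smtpd_tls_security_level = encrypt'` writes to main.cf, so unless master.cf overrides it per service (not visible in this hunk) it also applies to the port-25 listener, which then refuses mail from any sending server that does not negotiate STARTTLS; Postfix's documentation advises against mandatory TLS on a publicly referenced MX. Consider keeping `postconf -e 'smtpd_tls_security_level = may'` here and enforcing encryption on the submission services only, e.g. `submission/inet/smtpd_tls_security_level=encrypt` in postfix-master.cf, since `smtpd_tls_auth_only = yes` already keeps AUTH off plaintext sessions. The three `postscreen_*_enable = no` lines turn off postscreen's after-greeting protocol tests and deserve a comment saying why, for example `# deep protocol tests disabled: <reason>`. The script continues outside this hunk.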
@@ -34,8 +40,3 @@ userdb {
args = username_format=%u uid=docker gid=docker home=/var/mail/%d/%u
default_fields = uid=docker gid=docker home=/var/mail/%d/%u
}" > /etc/dovecot/conf.d/auth-ldap.conf.ext
-
-#userdb {
-# driver = static
-# args = home=/var/mail/%u
-#}"