Diffstat (limited to 'playbooks/roles/mail/templates/volumes/data/dms/config')
3 files changed, 37 insertions, 6 deletions
diff --git a/playbooks/roles/mail/templates/volumes/data/dms/config/dovecot.cf b/playbooks/roles/mail/templates/volumes/data/dms/config/dovecot.cf
new file mode 100644
index 0000000..62d0550
--- /dev/null
+++ b/playbooks/roles/mail/templates/volumes/data/dms/config/dovecot.cf
@@ -0,0 +1,27 @@
+haproxy_trusted_networks = {{ homelab_network }}
+
+service imap-login {
+ inet_listener imap {
+ haproxy = yes
+ }
+
+ inet_listener imaps {
+ haproxy = yes
+ }
+}
+
+service pop3-login {
+ inet_listener pop3 {
+ haproxy = yes
+ }
+
+ inet_listener pop3s {
+ haproxy = yes
+ }
+}
+
+service managesieve-login {
+ inet_listener sieve {
+ haproxy = yes
+ }
+}
diff --git a/playbooks/roles/mail/templates/volumes/data/dms/config/postfix-master.cf b/playbooks/roles/mail/templates/volumes/data/dms/config/postfix-master.cf
new file mode 100644
index 0000000..1885f4d
--- /dev/null
+++ b/playbooks/roles/mail/templates/volumes/data/dms/config/postfix-master.cf
@@ -0,0 +1,3 @@
+smtp/inet/postscreen_upstream_proxy_protocol=haproxy
+submission/inet/smtpd_upstream_proxy_protocol=haproxy
+submissions/inet/smtpd_upstream_proxy_protocol=haproxy
diff --git a/playbooks/roles/mail/templates/volumes/data/dms/config/user-patches.sh b/playbooks/roles/mail/templates/volumes/data/dms/config/user-patches.sh
index c62753f..1749499 100755
--- a/playbooks/roles/mail/templates/volumes/data/dms/config/user-patches.sh
+++ b/playbooks/roles/mail/templates/volumes/data/dms/config/user-patches.sh
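Review bot: `haproxy_trusted_networks = {{ homelab_network }}` in dovecot.cf lets every host on the homelab network supply a PROXY header, so any of them can present an arbitrary client address to the imap, pop3 and sieve login listeners. That address is what Dovecot logs and what any address-based control would act on, so a spoofed header weakens both. Narrowing the setting to the proxy itself, e.g. `haproxy_trusted_networks = <reverse-proxy address>/32`, keeps the trust to the one host that needs it. With `haproxy = yes` on every listener, a client that connects directly without a PROXY header is likely to be refused, so a comment stating that these ports are proxy-only would help.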
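Review bot: Postfix has no counterpart to Dovecot's `haproxy_trusted_networks`, so with `postscreen_upstream_proxy_protocol=haproxy` and `smtpd_upstream_proxy_protocol=haproxy` in postfix-master.cf, any peer that reaches smtp, submission or submissions is believed about the client address. That address feeds postscreen's checks, network-based access decisions and the logs. The ports therefore have to be reachable only from the proxy, enforced outside Postfix (container port publishing or a firewall rule), which this commit does not show. If the override file accepts comment lines, `# PROXY protocol: these ports must only be reachable from the reverse proxy` above the three entries would record the requirement; otherwise it belongs in the role's documentation.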
@@ -3,7 +3,13 @@ postconf -e 'smtpd_sasl_type = dovecot' postconf -e 'smtpd_sasl_path = /dev/shm/sasl-auth.sock' postconf -e 'smtpd_sasl_auth_enable = yes' -postconf -e 'broken_sasl_auth_clients = yes' +postconf -e 'broken_sasl_auth_clients = no' +postconf -e 'smtpd_tls_auth_only = yes' +postconf -e 'smtpd_tls_security_level = encrypt' + +postconf -e 'postscreen_bare_newline_enable = no' +postconf -e 'postscreen_non_smtp_command_enable = no' +postconf -e 'postscreen_pipelining_enable = no' postconf -e 'smtp_tls_wrappermode = yes' # for relay @@ -34,8 +40,3 @@ userdb { args = username_format=%u uid=docker gid=docker home=/var/mail/%d/%u default_fields = uid=docker gid=docker home=/var/mail/%d/%u }" > /etc/dovecot/conf.d/auth-ldap.conf.ext - -#userdb { -# driver = static -# args = home=/var/mail/%u -#}" |
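Review bot: `postconf -e 'smtpd_tls_security_level = encrypt'` in user-patches.sh edits main.cf, so unless master.cf overrides it for the port 25 service (not visible in this hunk), inbound mail from servers that do not offer STARTTLS will be refused; Postfix's documentation advises against `encrypt` on a public MX. `smtpd_tls_auth_only = yes` already keeps AUTH off cleartext sessions. The mandatory level can be scoped per service in postfix-master.cf, e.g. `submission/inet/smtpd_tls_security_level=encrypt`, with the global value left at `may`. The three `postscreen_*_enable = no` lines also deserve a short comment saying why the after-greeting tests are switched off, presumably because of the proxy in front. The script continues outside the hunk.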