diff options
| author | Guilhem Moulin <guilhem@fripost.org> | 2022-10-11 13:24:54 +0200 |
|---|---|---|
| committer | Guilhem Moulin <guilhem@fripost.org> | 2022-10-11 13:57:22 +0200 |
| commit | a69c2e1c3c771db93d98a253192e131af40c9830 (patch) | |
| tree | 439c92876e3a74a760d6a9822d6d22154f7a8179 | |
| parent | 5d1907daa5e38f5c287a17e082b50cc01a72f396 (diff) | |
Prefix ‘ipaddr’ and ‘ipv4’ with ‘ansible.utils.’.
This silences the following deprecation warning:
Use 'ansible.utils.ipaddr' module instead. This feature will be removed from ansible.netcommon in a release after 2024-01-01.
Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.
| -rw-r--r-- | group_vars/all.yml | 2 | ||||
| -rw-r--r-- | roles/IMAP/templates/etc/postfix/main.cf.j2 | 2 | ||||
| -rw-r--r-- | roles/MSA/templates/etc/postfix/main.cf.j2 | 4 | ||||
| -rw-r--r-- | roles/MX/templates/etc/postfix/main.cf.j2 | 2 | ||||
| -rw-r--r-- | roles/MX/templates/etc/postfix/virtual/transport.j2 | 4 | ||||
| -rw-r--r-- | roles/common/templates/etc/ipsec.conf.j2 | 4 | ||||
| -rw-r--r-- | roles/common/templates/etc/munin/munin-node.conf.j2 | 2 | ||||
| -rwxr-xr-x | roles/common/templates/etc/nftables.conf.j2 | 4 | ||||
| -rw-r--r-- | roles/common/templates/etc/postfix/main.cf.j2 | 2 | ||||
| -rw-r--r-- | roles/lists/templates/etc/postfix/main.cf.j2 | 2 | ||||
| -rw-r--r-- | roles/webmail/tasks/roundcube.yml | 24 | ||||
| -rw-r--r-- | roles/webmail/templates/etc/roundcube/plugins/managesieve/config.inc.php.j2 | 2 |
12 files changed, 27 insertions, 27 deletions
diff --git a/group_vars/all.yml b/group_vars/all.yml index 6d711ec..760ea09 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -31,41 +31,41 @@ postfix_instance: # XXX it's unfortunate that we can only specify a single address, and # therefore have to limit the number of outgoing SMTP proxy and # IMAP server to one. Since hosts(5) files cannot map and IP # address to multiple hostnames, a workaround would be to use # round-robin DNS, but we can't rely on DNS as long as our zone is # unsigned. IMAP: { name: mda , addr: "{{ (groups.all | length > 1) | ternary( ipsec[ hostvars[groups.IMAP[0]].inventory_hostname_short ], '127.0.0.1') }}" , port: 2526 } MX: { name: mx, group: mta } out: { name: out, group: mta , addr: "{{ (groups.all | length > 1) | ternary( ipsec[ hostvars[groups.out[0]].inventory_hostname_short ], '127.0.0.1') }}" , port: 2525 } MSA: { name: msa , addr: "{{ (groups.all | length > 1) | ternary( ipsec[ hostvars[groups.MSA[0]].inventory_hostname_short ], '127.0.0.1') }}" , port: 2587 } lists: { name: lists , addr: "{{ (groups.all | length > 1) | ternary( ipsec[ hostvars[groups.lists[0]].inventory_hostname_short ], '127.0.0.1') }}" , port: 2527 } -imapsvr_addr: "{{ postfix_instance.IMAP.addr | ipaddr }}" +imapsvr_addr: "{{ postfix_instance.IMAP.addr | ansible.utils.ipaddr }}" dkim_keys: giraff: # match key "fripost.org": # domain of the entity signing the message (should be unique accross match keys) d: fripost.org # selector (randomly generated with `xxd -p -l16 </dev/urandom`) s: 8f00fb94ec6c37aacb48bd43e073f9b7 "lists.fripost.org": d: lists.fripost.org s: d3df4ddda85e3c927621b1b02a9cbb85 "guilhem@debian.org": d: debian.org s: 5d30c523ff3622ed454230a16a11ddf6.guilhem.user "guilhem.org": d: guilhem.org s: d32231afe345182ae1a9b376fa912dca "hemdal.se": d: hemdal.se diff --git a/roles/IMAP/templates/etc/postfix/main.cf.j2 b/roles/IMAP/templates/etc/postfix/main.cf.j2 index 2105d29..64a2a40 100644 --- a/roles/IMAP/templates/etc/postfix/main.cf.j2 +++ b/roles/IMAP/templates/etc/postfix/main.cf.j2 @@ -4,41 +4,41 @@ # {{ ansible_managed }} # Do NOT edit this file directly! smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) biff = no readme_directory = no compatibility_level = 2 smtputf8_enable = no delay_warning_time = 4h maximal_queue_lifetime = 5d myorigin = /etc/mailname myhostname = mda{{ imapno | default('') }}.$mydomain mydomain = fripost.org append_dot_mydomain = no mynetworks = 127.0.0.0/8, [::1]/128 {%- if groups.all | length > 1 -%} {%- for mx in groups.MX | sort -%} - , {{ ipsec[ hostvars[mx].inventory_hostname_short ] | ipaddr }} + , {{ ipsec[ hostvars[mx].inventory_hostname_short ] | ansible.utils.ipaddr }} {%- endfor %} {% endif %} queue_directory = /var/spool/postfix-{{ postfix_instance[inst].name }} data_directory = /var/lib/postfix-{{ postfix_instance[inst].name }} multi_instance_group = {{ postfix_instance[inst].group | default('') }} multi_instance_name = postfix-{{ postfix_instance[inst].name }} multi_instance_enable = yes # No local delivery mydestination = local_transport = error:5.1.1 Mailbox unavailable alias_maps = alias_database = local_recipient_maps = message_size_limit = 0 recipient_delimiter = + diff --git a/roles/MSA/templates/etc/postfix/main.cf.j2 b/roles/MSA/templates/etc/postfix/main.cf.j2 index a435b0f..bc98d9e 100644 --- a/roles/MSA/templates/etc/postfix/main.cf.j2 +++ b/roles/MSA/templates/etc/postfix/main.cf.j2 @@ -3,61 +3,61 @@ # # {{ ansible_managed }} # Do NOT edit this file directly! smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) biff = no readme_directory = no compatibility_level = 2 smtputf8_enable = no delay_warning_time = 4h maximal_queue_lifetime = 5d myorigin = /etc/mailname myhostname = smtp{{ msano | default('') }}.$mydomain mydomain = fripost.org append_dot_mydomain = no mynetworks = 127.0.0.0/8, [::1]/128 {%- for h in groups.webmail | difference([inventory_hostname]) | sort -%} - , {{ ipsec[ hostvars[h].inventory_hostname_short ] | ipaddr }} + , {{ ipsec[ hostvars[h].inventory_hostname_short ] | ansible.utils.ipaddr }} {% endfor %} queue_directory = /var/spool/postfix-{{ postfix_instance[inst].name }} data_directory = /var/lib/postfix-{{ postfix_instance[inst].name }} multi_instance_group = {{ postfix_instance[inst].group | default('') }} multi_instance_name = postfix-{{ postfix_instance[inst].name }} multi_instance_enable = yes # No local delivery mydestination = local_transport = error:5.1.1 Mailbox unavailable alias_maps = alias_database = local_recipient_maps = message_size_limit = 67108864 recipient_delimiter = + # Forward everything to our internal outgoing proxy -relayhost = [{{ postfix_instance.out.addr | ipaddr }}]:{{ postfix_instance.out.port }} +relayhost = [{{ postfix_instance.out.addr | ansible.utils.ipaddr }}]:{{ postfix_instance.out.port }} relay_domains = # Don't rewrite remote headers local_header_rewrite_clients = # Avoid splitting the envelope and scanning messages multiple times smtp_destination_recipient_limit = 1000 # Tolerate occasional high latency smtp_data_done_timeout = 1200s policyd-spf_time_limit = $ipc_timeout # Anonymize the (authenticated) sender; pass the mail to the antivirus header_checks = pcre:$config_directory/anonymize_sender.pcre #content_filter = amavisfeed:unix:public/amavisfeed-antivirus # TLS smtp_tls_security_level = none smtpd_tls_security_level = encrypt smtpd_tls_mandatory_ciphers = high diff --git a/roles/MX/templates/etc/postfix/main.cf.j2 b/roles/MX/templates/etc/postfix/main.cf.j2 index 36315d1..d10f901 100644 --- a/roles/MX/templates/etc/postfix/main.cf.j2 +++ b/roles/MX/templates/etc/postfix/main.cf.j2 @@ -20,41 +20,41 @@ append_dot_mydomain = no mynetworks_style = host queue_directory = /var/spool/postfix-{{ postfix_instance[inst].name }} data_directory = /var/lib/postfix-{{ postfix_instance[inst].name }} multi_instance_group = {{ postfix_instance[inst].group | default('') }} multi_instance_name = postfix-{{ postfix_instance[inst].name }} multi_instance_enable = yes # No local delivery mydestination = local_transport = error:5.1.1 Mailbox unavailable alias_maps = alias_database = local_recipient_maps = message_size_limit = 67108864 recipient_delimiter = + # Forward everything to our internal outgoing proxy -relayhost = [{{ postfix_instance.out.addr | ipaddr }}]:{{ postfix_instance.out.port }} +relayhost = [{{ postfix_instance.out.addr | ansible.utils.ipaddr }}]:{{ postfix_instance.out.port }} relay_domains = # Virtual transport # We use a dedicated "virtual" domain to decongestion potential # bottlenecks on trivial_rewrite(8) due to slow LDAP lookups in # tranport_maps. virtual_transport = error:5.1.1 Virtual transport unavailable virtual_alias_domains = !lmdb:$config_directory/virtual/transport ldap:$config_directory/virtual/domains.cf virtual_alias_maps = pcre:$config_directory/virtual/reserved_alias.pcre # unless there is a matching user/alias/list... ldap:$config_directory/virtual/mailbox.cf ldap:$config_directory/virtual/alias.cf ldap:$config_directory/virtual/list.cf # ...we resolve alias domains and catch alls ldap:$config_directory/virtual/alias_domains.cf ldap:$config_directory/virtual/catchall.cf transport_maps = lmdb:$config_directory/virtual/transport diff --git a/roles/MX/templates/etc/postfix/virtual/transport.j2 b/roles/MX/templates/etc/postfix/virtual/transport.j2 index 126cb72..536748a 100644 --- a/roles/MX/templates/etc/postfix/virtual/transport.j2 +++ b/roles/MX/templates/etc/postfix/virtual/transport.j2 @@ -1,21 +1,21 @@ # Each valid address user@example.org is aliased (on the MX) into some # example.org/user@xxx.fripost.org, and non-defaults next-hop:port are # chosen here in that table, depending on 'xxx'. The reason for such # indirection is that there is only one qmgr(8) daemon, which delegate # the routing strategy to the trivial-rewrite(8), which in turns queries # transport_maps. Hence high latency maps such as LDAP or SQL would # congestion the queue manager. On the other hand, virtual aliasing is # performed by cleanup(8), multiples instances of which can run in # parallel. See http://www.postfix.org/ADDRESS_REWRITING_README.html . # # /!\ WARNING: xxx.fripost.org should NOT be in the list of valid # domains ($virtual_alias_domains)! Otherwise at the next iteration of # the alias resolution loop the domain will be validated but not the # address, and the MTA will reply with "Recipient address rejected: User # unknown in virtual alias table". reserved.fripost.org reserved-alias: discard.fripost.org discard: -mda.fripost.org smtp:[{{ postfix_instance.IMAP.addr | ipaddr }}]:{{ postfix_instance.IMAP.port }} -sympa.fripost.org smtp:[{{ postfix_instance.lists.addr | ipaddr }}]:{{ postfix_instance.lists.port }} +mda.fripost.org smtp:[{{ postfix_instance.IMAP.addr | ansible.utils.ipaddr }}]:{{ postfix_instance.IMAP.port }} +sympa.fripost.org smtp:[{{ postfix_instance.lists.addr | ansible.utils.ipaddr }}]:{{ postfix_instance.lists.port }} diff --git a/roles/common/templates/etc/ipsec.conf.j2 b/roles/common/templates/etc/ipsec.conf.j2 index 6b3840f..e7505b4 100644 --- a/roles/common/templates/etc/ipsec.conf.j2 +++ b/roles/common/templates/etc/ipsec.conf.j2 @@ -1,44 +1,44 @@ # {{ ansible_managed }} # Do NOT edit this file directly! config setup charondebug = "dmn 0, lib 0, cfg 0, ike 0, enc 0, net 0" conn %default keyexchange = ikev2 keyingtries = %forever ike = aes256gcm16-prfsha384-ecp384! esp = aes256gcm16-ecp384! {% if 'NATed' not in group_names %} mobike = no {% endif %} {% if 'DynDNS' in group_names %} leftallowany = yes {% endif %} leftauth = pubkey left = %defaultroute - leftsubnet = {{ ipsec[inventory_hostname_short] | ipv4 }}/32 + leftsubnet = {{ ipsec[inventory_hostname_short] | ansible.utils.ipv4 }}/32 leftid = {{ inventory_hostname }} leftsigkey = {{ inventory_hostname_short }}.pem leftfirewall = no lefthostaccess = yes rightauth = pubkey auto = route dpdaction = hold inactivity = 30m modeconfig = push {% for host in groups.all | difference([inventory_hostname]) | sort %} conn {{ hostvars[host].inventory_hostname_short }} right = {{ hostvars[host].inventory_hostname }} {% if 'DynDNS' in hostvars[host].group_names %} rightallowany = yes {% endif %} rightsigkey = {{ hostvars[host].inventory_hostname_short }}.pem - rightsubnet = {{ ipsec[ hostvars[host].inventory_hostname_short ] | ipv4 }}/32 + rightsubnet = {{ ipsec[ hostvars[host].inventory_hostname_short ] | ansible.utils.ipv4 }}/32 {% if 'NATed' not in group_names and 'NATed' in hostvars[host].group_names %} mobike = yes {% endif %} {%- endfor %} diff --git a/roles/common/templates/etc/munin/munin-node.conf.j2 b/roles/common/templates/etc/munin/munin-node.conf.j2 index a1391d9..1aba053 100644 --- a/roles/common/templates/etc/munin/munin-node.conf.j2 +++ b/roles/common/templates/etc/munin/munin-node.conf.j2 @@ -25,28 +25,28 @@ group root # Regexps for files to ignore ignore_file [\#~]$ ignore_file DEADJOE$ ignore_file \.bak$ ignore_file %$ ignore_file \.dpkg-(tmp|new|old|dist)$ ignore_file \.rpm(save|new)$ ignore_file \.pod$ # Set this if the client doesn't report the correct hostname when # telnetting to {{ ipsec[inventory_hostname_short] }}, port 4949 # host_name {{ inventory_hostname_short }} # A list of addresses that are allowed to connect. This must be a # regular expression, since Net::Server does not understand CIDR-style # network notation unless the perl module Net::CIDR is installed. You # may repeat the allow line as many times as you'd like {% for host in groups['munin_master'] %} -allow ^{{ ipsec[ hostvars[host].inventory_hostname_short ] | ipv4 | replace(".","\.") }}$ +allow ^{{ ipsec[ hostvars[host].inventory_hostname_short ] | ansible.utils.ipv4 | replace(".","\.") }}$ {% endfor %} # Which address to bind to; host {{ ipsec[inventory_hostname_short] }} # And which port port 4994 diff --git a/roles/common/templates/etc/nftables.conf.j2 b/roles/common/templates/etc/nftables.conf.j2 index 8d81d4c..66b1f9d 100755 --- a/roles/common/templates/etc/nftables.conf.j2 +++ b/roles/common/templates/etc/nftables.conf.j2 @@ -56,50 +56,50 @@ table netdev filter { # IPsec traffic (refined later in the filter rule) ip saddr {{ ipsec_subnet }} ip daddr {{ ipsec[inventory_hostname_short] }} meta secpath exists accept # rate-limiting is done directly by the kernel (net.ipv4.icmp_{ratelimit,ratemask} runtime options) icmp type { echo-reply, echo-request, destination-unreachable, time-exceeded } counter accept icmpv6 type { echo-reply, echo-request, destination-unreachable, packet-too-big, time-exceeded, parameter-problem } counter accept # accept neighbour discovery for autoconfiguration, RFC 4890 sec. 4.4.1 ip6 hoplimit 255 icmpv6 type { 133,134,135,136,141,142 } counter accept # accept link-local multicast receiver notification messages ip6 saddr fe80::/10 ip6 daddr ff02::/16 ip6 hoplimit 1 icmpv6 type { 130,131,132,143 } counter accept # drop all remaining ICMP/ICMPv6 traffic meta l4proto { icmp, icmpv6 } counter drop # bogon filter (cf. RFC 6890 for non-global ip addresses) define bogon = { 0.0.0.0/8 # this host, on this network (RFC 1122 sec. 3.2.1.3) -{% if not addr | ipaddr('10.0.0.0/8') %} +{% if not addr | ansible.utils.ipaddr('10.0.0.0/8') %} , 10.0.0.0/8 # private-use (RFC 1918) {% endif %} , 100.64.0.0/10 # shared address space (RFC 6598) , 127.0.0.0/8 # loopback (RFC 1122, sec. 3.2.1.3) , 169.254.0.0/16 # link local (RFC 3927) , 172.16.0.0/12 # private-use (RFC 1918) , 192.0.0.0/24 # IETF protocol assignments (RFC 6890 sec. 2.1) , 192.0.2.0/24 # documentation (RFC 5737) -{% if not addr | ipaddr('192.168.0.0/16') %} +{% if not addr | ansible.utils.ipaddr('192.168.0.0/16') %} , 192.168.0.0/16 # private-use (RFC 1918) {% endif %} , 198.18.0.0/15 # benchmarking (RFC 2544) , 198.51.100.0/24 # documentation (RFC 5737) , 203.0.113.0/24 # documentation (RFC 5737) , 224.0.0.0/3 # multicast - class D 224.0.0.0/4 + class E 240.0.0.0/4 (RFC 1112 sec. 4) , 255.255.255.255/32 # limited broadcast (RFC 0919 sec. 7) } ip saddr $bogon counter drop ip daddr $bogon counter drop # See also https://www.team-cymru.org/Services/Bogons/fullbogons-ipv6.txt define bogon6 = { ::1/128 # loopback address (RFC 4291) , ::/128 # unspecified (RFC 4291) , ::ffff:0:0/96 # IPv4-mapped address (RFC 4291) , 100::/64 # discard-only address block (RFC 6666) , 2001::/23 # IETF protocol assignments (RFC 2928) , 2001::/32 # TEREDO (RFC 4380) diff --git a/roles/common/templates/etc/postfix/main.cf.j2 b/roles/common/templates/etc/postfix/main.cf.j2 index b369d43..5ac7920 100644 --- a/roles/common/templates/etc/postfix/main.cf.j2 +++ b/roles/common/templates/etc/postfix/main.cf.j2 @@ -14,35 +14,35 @@ myorigin = /etc/mailname myhostname = {{ ansible_fqdn }} mydomain = {{ ansible_domain }} append_dot_mydomain = no # This server is for internal use only mynetworks_style = host inet_interfaces = loopback-only # No local delivery mydestination = local_transport = error:5.1.1 Mailbox unavailable alias_maps = local_recipient_maps = # All aliases are virtual default_database_type = lmdb virtual_alias_maps = lmdb:/etc/aliases alias_database = $virtual_alias_maps # Forward everything to our internal outgoing proxy -relayhost = [{{ postfix_instance.out.addr | ipaddr }}]:{{ postfix_instance.out.port }} +relayhost = [{{ postfix_instance.out.addr | ansible.utils.ipaddr }}]:{{ postfix_instance.out.port }} relay_domains = smtp_tls_security_level = none smtpd_tls_security_level = none {% set instances = postfix_instance.keys() | intersect(group_names) | list %} {%- if instances | length > 0 -%} # Other postfix instances multi_instance_wrapper = $command_directory/postmulti -p -- multi_instance_enable = yes multi_instance_directories ={% for i in instances | sort %} /etc/postfix-{{ postfix_instance[i].name }}{% endfor %} {% endif %} # vim: set filetype=pfmain : diff --git a/roles/lists/templates/etc/postfix/main.cf.j2 b/roles/lists/templates/etc/postfix/main.cf.j2 index 1bf02eb..2be1b41 100644 --- a/roles/lists/templates/etc/postfix/main.cf.j2 +++ b/roles/lists/templates/etc/postfix/main.cf.j2 @@ -4,41 +4,41 @@ # {{ ansible_managed }} # Do NOT edit this file directly! smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) biff = no readme_directory = no compatibility_level = 2 smtputf8_enable = no delay_warning_time = 4h maximal_queue_lifetime = 5d myorigin = /etc/mailname myhostname = lists.$mydomain mydomain = fripost.org append_dot_mydomain = no mynetworks = 127.0.0.0/8, [::1]/128 {%- if groups.all | length > 1 -%} {%- for mx in groups.MX | sort -%} - , {{ ipsec[ hostvars[mx].inventory_hostname_short ] | ipaddr }} + , {{ ipsec[ hostvars[mx].inventory_hostname_short ] | ansible.utils.ipaddr }} {%- endfor %} {% endif %} queue_directory = /var/spool/postfix-{{ postfix_instance[inst].name }} data_directory = /var/lib/postfix-{{ postfix_instance[inst].name }} multi_instance_group = {{ postfix_instance[inst].group | default('') }} multi_instance_name = postfix-{{ postfix_instance[inst].name }} multi_instance_enable = yes # No local delivery mydestination = local_transport = error:5.1.1 Mailbox unavailable alias_maps = alias_database = local_recipient_maps = message_size_limit = 0 recipient_delimiter = + diff --git a/roles/webmail/tasks/roundcube.yml b/roles/webmail/tasks/roundcube.yml index 1e27841..dc73358 100644 --- a/roles/webmail/tasks/roundcube.yml +++ b/roles/webmail/tasks/roundcube.yml @@ -93,53 +93,53 @@ copy: src=usr/share/roundcube/program/resources/{{ item }} dest=/usr/share/roundcube/program/resources/{{ item }} owner=root group=root mode=0644 with_items: - fripost_logo_black.png - fripost_logo_white.png - name: Configure Roundcube lineinfile: dest=/etc/roundcube/config.inc.php regexp='^\\s*\\$config\\[\'{{ item.var }}\'\\]\\s*=' line='$config[\'{{ item.var }}\'] = {{ item.value }};' owner=_roundcube group=nogroup mode=0600 with_items: # Logging/Debugging - { var: smtp_log, value: "false" } # IMAP # WARNING: After hostname change update of mail_host column in users # table is required to match old user data records with the new host. - - { var: default_host, value: "'{{ imapsvr_addr | ipaddr }}'" } - - { var: default_port, value: "143" } - - { var: imap_auth_type, value: "'PLAIN'" } - - { var: imap_cache, value: "null" } - - { var: imap_timeout, value: "180" } - - { var: imap_force_ns, value: "true" } - - { var: messages_cache, value: "false" } + - { var: default_host, value: "'{{ imapsvr_addr | ansible.utils.ipaddr }}'" } + - { var: default_port, value: "143" } + - { var: imap_auth_type, value: "'PLAIN'" } + - { var: imap_cache, value: "null" } + - { var: imap_timeout, value: "180" } + - { var: imap_force_ns, value: "true" } + - { var: messages_cache, value: "false" } # SMTP - - { var: smtp_server, value: "'{{ postfix_instance.MSA.addr | ipaddr }}'" } - - { var: smtp_port, value: "{{ postfix_instance.MSA.port }}" } - - { var: smtp_auth_type, value: "'PLAIN'" } - - { var: smtp_user, value: "'%u'" } - - { var: smtp_pass, value: "'%p'" } + - { var: smtp_server, value: "'{{ postfix_instance.MSA.addr | ansible.utils.ipaddr }}'" } + - { var: smtp_port, value: "{{ postfix_instance.MSA.port }}" } + - { var: smtp_auth_type, value: "'PLAIN'" } + - { var: smtp_user, value: "'%u'" } + - { var: smtp_pass, value: "'%p'" } # System - { var: force_https, value: "true" } - { var: login_autocomplete, value: "2" } - { var: username_domain, value: "'fripost.org'" } - { var: product_name, value: "'Fripost Webmail'" } - { var: password_charset, value: "'UTF-8'" } - { var: skin_logo, value: 'array("classic:*" => "program/resources/fripost_logo_black.png", "larry:*" => "program/resources/fripost_logo_white.png", "elastic:login[favicon]" => "", "elastic:login" => "program/resources/fripost_logo_black.png")' } # Plugins - { var: plugins, value: "array('archive','additional_message_headers','attachment_reminder','authres_status','emoticons','hide_blockquote','html5_notifier','managesieve','password','thunderbird_labels','vcard_attachments')" } # Spell Checking - { var: enable_spellcheck, value: "'true'" } - { var: spellcheck_engine, value: "'enchant'" } - { var: spellcheck_languages, value: "array('da','de','en','es','fr','no','sv')" } # User Interface - { var: skin, value: "'elastic'" } - { var: language, value: "'sv_SE'" } - { var: create_default_folders, value: "true" } - { var: support_url, value: "'https://fripost.org/kontakt/'" } # User Preferences - { var: htmleditor, value: "3" } diff --git a/roles/webmail/templates/etc/roundcube/plugins/managesieve/config.inc.php.j2 b/roles/webmail/templates/etc/roundcube/plugins/managesieve/config.inc.php.j2 index 66af466..cdbea59 100644 --- a/roles/webmail/templates/etc/roundcube/plugins/managesieve/config.inc.php.j2 +++ b/roles/webmail/templates/etc/roundcube/plugins/managesieve/config.inc.php.j2 @@ -1,33 +1,33 @@ <?php // managesieve server port. When empty the port will be determined automatically // using getservbyname() function, with 4190 as a fallback. $config['managesieve_port'] = 4190; // managesieve server address, default is localhost. // Replacement variables supported in host name: // %h - user's IMAP hostname // %n - http hostname ($_SERVER['SERVER_NAME']) // %d - domain (http hostname without the first part) // For example %n = mail.domain.tld, %d = domain.tld -$config['managesieve_host'] = '{{ imapsvr_addr | ipaddr }}'; +$config['managesieve_host'] = '{{ imapsvr_addr | ansible.utils.ipaddr }}'; // authentication method. Can be CRAM-MD5, DIGEST-MD5, PLAIN, LOGIN, EXTERNAL // or none. Optional, defaults to best method supported by server. $config['managesieve_auth_type'] = 'PLAIN'; // Optional managesieve authentication identifier to be used as authorization proxy. // Authenticate as a different user but act on behalf of the logged in user. // Works with PLAIN and DIGEST-MD5 auth. $config['managesieve_auth_cid'] = null; // Optional managesieve authentication password to be used for imap_auth_cid $config['managesieve_auth_pw'] = null; // use or not TLS for managesieve server connection // Note: tls:// prefix in managesieve_host is also supported $config['managesieve_usetls'] = false; // Connection scket context options // See http://php.net/manual/en/context.ssl.php // The example below enables server certificate validation |