diff options
| author | Guilhem Moulin <guilhem@fripost.org> | 2016-05-23 13:27:31 +0200 |
|---|---|---|
| committer | Guilhem Moulin <guilhem@fripost.org> | 2016-05-23 13:29:41 +0200 |
| commit | 61ee02ffb5402d93eae59001b91197957a8dcfe2 (patch) | |
| tree | 61942115319da2cb843f045cdcbbf5b58102c191 /roles/IMAP | |
| parent | 2b50c65c042718d04a3b0ce660afda5ba19ec9b4 (diff) | |
dovecot: don't listen on the IP dedicated for IPSec when there is a single host.
Diffstat (limited to 'roles/IMAP')
| -rw-r--r-- | roles/IMAP/templates/etc/dovecot/conf.d/10-master.conf.j2 | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/roles/IMAP/templates/etc/dovecot/conf.d/10-master.conf.j2 b/roles/IMAP/templates/etc/dovecot/conf.d/10-master.conf.j2 index 4969550..aea7f87 100644 --- a/roles/IMAP/templates/etc/dovecot/conf.d/10-master.conf.j2 +++ b/roles/IMAP/templates/etc/dovecot/conf.d/10-master.conf.j2 @@ -1,40 +1,44 @@ #default_process_limit = 100 #default_client_limit = 1000 # Default VSZ (virtual memory size) limit for service processes. This is mainly # intended to catch and kill processes that leak memory before they eat up # everything. #default_vsz_limit = 256M # Login user is internally used by login processes. This is the most untrusted # user in Dovecot system. It shouldn't have access to anything at all. #default_login_user = dovenull # Internal user is used by unprivileged processes. It should be separate from # login user, so that login processes can't disturb other processes. #default_internal_user = dovecot service imap-login { inet_listener imap { +{% if groups.all | length > 1 %} address = {{ ipsec[inventory_hostname_short] }} port = 143 +{% else %} + port = 0 +{% endif %} } inet_listener imaps { #port = 993 #ssl = yes } # Number of connections to handle before starting a new process. Typically # the only useful values are 0 (unlimited) or 1. 1 is more secure, but 0 # is faster. <doc/wiki/LoginProcess.txt> #service_count = 1 # Max. number of IMAP processes (logins) process_limit = 256 # Number of processes to always keep waiting for more connections. process_min_avail = 4 # If you set service_count=0, you probably need to grow this. #vsz_limit = $default_vsz_limit } |