Upgrade the webmail configuration from Wheezy to Jessie.

3 files changed, 6 insertions, 4 deletions

diff --git a/roles/webmail/files/etc/nginx/sites-available/roundcube b/roles/webmail/files/etc/nginx/sites-available/roundcube
index 5bff410..8251841 100644
--- a/roles/webmail/files/etc/nginx/sites-available/roundcube
+++ b/roles/webmail/files/etc/nginx/sites-available/roundcube
@@ -30,40 +30,41 @@ server {
         root          /usr/share/roundcube/skins/default/images;
         log_not_found off;
         access_log    off;
         expires       max;
     }
 
     location = /robots.txt {
         allow         all;
         log_not_found off;
         access_log    off;
     }
 
     # Deny all attempts to access hidden files, or files under hidden
     # directories.
     location ~ /\. { return 404; }
 
     access_log  /var/log/nginx/roundcube.access.log;
     error_log   /var/log/nginx/roundcube.error.log info;
 
     index index.php;
+    client_max_body_size 64m;
     location = /index.php {
         include fastcgi/php;
         include fastcgi/php-ssl;
 
         # From /var/lib/roundcube/.htaccess
         fastcgi_param PHP_VALUE "upload_max_filesize=25M
                                  post_max_size=30M
                                  memory_limit=64M
                                  session.gc_maxlifetime=21600
                                  session.gc_divisor=500
                                  session.gc_probability=1";
         fastcgi_param PHP_ADMIN_VALUE "open_basedir=$document_root:/usr/share/roundcube:/etc/roundcube:/var/log/roundcube:/usr/share/php:/usr/share/javascript:/usr/share/tinymce:/usr/share/misc/magic
                                        upload_tmp_dir=$document_root/temp";
     }
 
     # Security rules
     location ~ ^/(README|INSTALL|LICENSE|CHANGELOG|UPGRADING)$ {
         return 404;
     }
     location ~ ^/(bin|SQL)/ {
diff --git a/roles/webmail/tasks/roundcube.yml b/roles/webmail/tasks/roundcube.yml
index 558f062..ebe93c8 100644
--- a/roles/webmail/tasks/roundcube.yml
+++ b/roles/webmail/tasks/roundcube.yml
@@ -16,41 +16,41 @@
 - name: Copy fripost's logo
   copy: src=var/lib/roundcube/skins/logo_webmail.png
         dest=/var/lib/roundcube/skins/logo_webmail.png
         owner=root group=root
         mode=0644
 
 - name: Configure Roundcube
   lineinfile: dest=/etc/roundcube/main.inc.php
               "regexp=^\\s*\\$rcmail_config\\['{{ item.var }}'\\]\\s*="
               "line=$rcmail_config['{{ item.var }}'] = {{ item.value }};"
               owner=root group=www-data
               mode=0640
   with_items:
     # Logging/Debugging
     - { var: smtp_log,               value: "FALSE" }
     # IMAP
     - { var: default_host,           value: "'localhost'" }
     - { var: default_port,           value: "143"         }
     - { var: imap_auth_type,         value: "'plain'"     }
     - { var: imap_cache,             value: "null"        }
-    - { var: messages_cache,         value: "FALSE"       }
+    - { var: messages_cache,         value: "null"        }
     # SMTP
     - { var: smtp_server,            value: "'localhost'" }
     - { var: smtp_port,              value: "2580"        }
     # System
     - { var: force_https,            value: "TRUE"                     }
     - { var: login_autocomplete,     value: "2"                        }
     - { var: skin_logo,              value: "'skins/logo_webmail.png'" }
     - { var: username_domain,        value: "'fripost.org'"            }
     - { var: product_name,           value: "'Fripost'"                }
     # Plugins
     - { var: plugins,                value: "array('additional_message_headers','managesieve','password')" }
     # User Interface
     - { var: skin,                   value: "'classic'" }
     - { var: language,               value: "'sv_SE'"   }
     - { var: create_default_folders, value: "TRUE"      }
     # User Preferences
     - { var: htmleditor,             value: "TRUE"  }
     - { var: skip_deleted,           value: "TRUE"  }
     - { var: check_all_folders,      value: "FALSE" }
 
diff --git a/roles/webmail/templates/etc/postfix/main.cf.j2 b/roles/webmail/templates/etc/postfix/main.cf.j2
index 048302a..9d535c6 100644
--- a/roles/webmail/templates/etc/postfix/main.cf.j2
+++ b/roles/webmail/templates/etc/postfix/main.cf.j2
@@ -74,31 +74,32 @@ strict_rfc821_envelopes = yes
 smtpd_delay_reject      = yes
 disable_vrfy_command    = yes
 
 # UCE control
 unknown_client_reject_code = 554
 
 smtpd_client_restrictions =
     permit_mynetworks
     reject
 
 smtpd_helo_required     = yes
 smtpd_helo_restrictions =
     permit_mynetworks
     reject_non_fqdn_helo_hostname
     reject_invalid_helo_hostname
 
 smtpd_sender_restrictions =
     reject_non_fqdn_sender
     reject_unknown_sender_domain
 
+smtpd_relay_restrictions =
+    permit_mynetworks
+    reject
+
 smtpd_recipient_restrictions =
-    # RFC requirements
     reject_non_fqdn_recipient
     reject_unknown_recipient_domain
-    permit_mynetworks
-    reject
 
 smtpd_data_restrictions =
     reject_unauth_pipelining
 
 # vim: set filetype=pfmain :