summaryrefslogtreecommitdiffstats
path: root/roles
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem@fripost.org>2014-06-25 18:46:35 +0200
committerGuilhem Moulin <guilhem@fripost.org>2015-06-07 02:51:52 +0200
commita4b88d46526632705d92b2902d3604907afbcbc9 (patch)
treedfbe2e46f7c972edb855a2714e2be62443a131e5 /roles
parent2c6875911b26fefd9bd11bd71eecda69e0cf32aa (diff)
Install dovecot from backports (for imapc).
Interesting features include caching of mail headers (v2.2.8+) as well as new IMAP capabilities.
Diffstat (limited to 'roles')
-rw-r--r--roles/IMAP-proxy/files/etc/dovecot/conf.d/10-auth.conf1
-rw-r--r--roles/IMAP-proxy/files/etc/dovecot/conf.d/10-mail.conf20
-rw-r--r--roles/IMAP-proxy/files/etc/dovecot/conf.d/20-imapc.conf5
-rw-r--r--roles/IMAP-proxy/tasks/main.yml2
-rw-r--r--roles/IMAP/files/etc/dovecot/conf.d/10-logging.conf3
5 files changed, 22 insertions, 9 deletions
diff --git a/roles/IMAP-proxy/files/etc/dovecot/conf.d/10-auth.conf b/roles/IMAP-proxy/files/etc/dovecot/conf.d/10-auth.conf
index 229ac94..1abea0c 100644
--- a/roles/IMAP-proxy/files/etc/dovecot/conf.d/10-auth.conf
+++ b/roles/IMAP-proxy/files/etc/dovecot/conf.d/10-auth.conf
@@ -6,6 +6,7 @@
# SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP
# matches the local IP (ie. you're connecting from the same computer), the
# connection is considered secure and plaintext authentication is allowed.
+# See also ssl=required setting.
disable_plaintext_auth = yes
# Authentication cache size (e.g. 10M). 0 means it's disabled. Note that
diff --git a/roles/IMAP-proxy/files/etc/dovecot/conf.d/10-mail.conf b/roles/IMAP-proxy/files/etc/dovecot/conf.d/10-mail.conf
index f106af5..e19b507 100644
--- a/roles/IMAP-proxy/files/etc/dovecot/conf.d/10-mail.conf
+++ b/roles/IMAP-proxy/files/etc/dovecot/conf.d/10-mail.conf
@@ -98,7 +98,7 @@ namespace inbox {
#list = children
#}
# Should shared INBOX be visible as "shared/user" or "shared/user/INBOX"?
-#mail_shared_explicit_inbox = yes
+#mail_shared_explicit_inbox = no
# System user and group used to access mails. If you use multiple, userdb
# can override these by returning uid or gid fields. You can use either numbers
@@ -124,6 +124,10 @@ mail_gid = imapproxy
# or ~user/.
#mail_full_filesystem_access = no
+# Dictionary for key=value mailbox attributes. Currently used by URLAUTH, but
+# soon intended to be used by METADATA as well.
+#mail_attribute_dict =
+
##
## Mail processes
##
@@ -207,6 +211,10 @@ mail_plugins = virtual
## Mailbox handling optimizations
##
+# Mailbox list indexes can be used to optimize IMAP STATUS commands. They are
+# also required for IMAP NOTIFY extension to be enabled.
+mailbox_list_index = yes
+
# The minimum number of mails in a mailbox before updates are done to cache
# file. This allows optimizing Dovecot's behavior to do less disk writes at
# the cost of more disk reads.
@@ -276,8 +284,14 @@ mail_plugins = virtual
# in is important to avoid deadlocks if other MTAs/MUAs are using multiple
# locking methods as well. Some operating systems don't allow using some of
# them simultaneously.
+#
+# The Debian value for mbox_write_locks differs from upstream Dovecot. It is
+# changed to be compliant with Debian Policy (section 11.6) for NFS safety.
+# Dovecot: mbox_write_locks = dotlock fcntl
+# Debian: mbox_write_locks = fcntl dotlock
+#
#mbox_read_locks = fcntl
-#mbox_write_locks = dotlock fcntl
+#mbox_write_locks = fcntl dotlock
# Maximum time to wait for lock (all of them) before aborting.
#mbox_lock_timeout = 5 mins
@@ -341,8 +355,6 @@ mail_plugins = virtual
# also allows single instance storage for them. Other backends don't support
# this for now.
-# WARNING: This feature hasn't been tested much yet. Use at your own risk.
-
# Directory root where to store mail attachments. Disabled, if empty.
#mail_attachment_dir =
diff --git a/roles/IMAP-proxy/files/etc/dovecot/conf.d/20-imapc.conf b/roles/IMAP-proxy/files/etc/dovecot/conf.d/20-imapc.conf
index 47785a4..32cc391 100644
--- a/roles/IMAP-proxy/files/etc/dovecot/conf.d/20-imapc.conf
+++ b/roles/IMAP-proxy/files/etc/dovecot/conf.d/20-imapc.conf
@@ -12,7 +12,6 @@ imapc_user = %u
mail_prefetch_count = 20
# The list of valid features can be found there
-# http://hg.dovecot.org/dovecot-2.1/file/f572fbafb445/src/lib-storage/index/imapc/imapc-settings.c
+# http://hg.dovecot.org/dovecot-2.2/file/tip/src/lib-storage/index/imapc/imapc-settings.c
# (in the struct 'imapc_feature_list imapc_feature_list')
-imapc_features = rfc822.size
-
+imapc_features = rfc822.size fetch-headers
diff --git a/roles/IMAP-proxy/tasks/main.yml b/roles/IMAP-proxy/tasks/main.yml
index f76ee72..4a1984c 100644
--- a/roles/IMAP-proxy/tasks/main.yml
+++ b/roles/IMAP-proxy/tasks/main.yml
@@ -1,5 +1,5 @@
- name: Install Dovecot
- apt: pkg={{ item }}
+ apt: pkg={{ item }} default_release={{ ansible_lsb.codename }}-backports
with_items:
- dovecot-core
- dovecot-imapd
diff --git a/roles/IMAP/files/etc/dovecot/conf.d/10-logging.conf b/roles/IMAP/files/etc/dovecot/conf.d/10-logging.conf
index ba8e646..c611bfc 100644
--- a/roles/IMAP/files/etc/dovecot/conf.d/10-logging.conf
+++ b/roles/IMAP/files/etc/dovecot/conf.d/10-logging.conf
@@ -26,6 +26,7 @@
# In case of password mismatches, log the attempted password. Valid values are
# no, plain and sha1. sha1 can be useful for detecting brute force password
# attempts vs. user simply trying the same password over and over again.
+# You can also truncate the value to n chars by appending ":n" (e.g. sha1:6).
#auth_verbose_passwords = no
# Even more verbose logging for debugging purposes. Shows for example SQL
@@ -65,7 +66,7 @@ log_timestamp = "%Y-%m-%d %H:%M:%S "
# string.
#login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c
-# Login log format. %$ contains login_log_format_elements string, %s contains
+# Login log format. %s contains login_log_format_elements string, %$ contains
# the data we want to log.
#login_log_format = %$: %s