diff options
| -rw-r--r-- | roles/webmail/tasks/roundcube.yml | 12 | ||||
| -rw-r--r-- | roles/webmail/templates/etc/roundcube/plugins/managesieve/config.inc.php.j2 | 20 | ||||
| -rw-r--r-- | webmail.yml | 2 |
3 files changed, 17 insertions, 17 deletions
diff --git a/roles/webmail/tasks/roundcube.yml b/roles/webmail/tasks/roundcube.yml index 3d56af7..998026c 100644 --- a/roles/webmail/tasks/roundcube.yml +++ b/roles/webmail/tasks/roundcube.yml @@ -32,46 +32,46 @@ copy: src=usr/share/roundcube/skins/{{ item }}/images/fripost_logo.png dest=/usr/share/roundcube/skins/{{ item }}/images/fripost_logo.png owner=root group=root mode=0644 with_items: - classic - larry - name: Configure Roundcube lineinfile: dest=/etc/roundcube/config.inc.php regexp='^\\s*\\$config\\[\'{{ item.var }}\'\\]\\s*=' line='$config[\'{{ item.var }}\'] = {{ item.value }};' owner=root group=www-data mode=0640 with_items: # Logging/Debugging - { var: smtp_log, value: "false" } # IMAP # WARNING: After hostname change update of mail_host column in users # table is required to match old user data records with the new host. - - { var: default_host, value: "'localhost'" } - - { var: default_port, value: "143" } - - { var: imap_auth_type, value: "'PLAIN'" } - - { var: imap_cache, value: "null" } - - { var: imap_timeout, value: "180" } - - { var: messages_cache, value: "false" } + - { var: default_host, value: "'{{ ipsec[imapsvr.inventory_hostname_short] }}'" } + - { var: default_port, value: "143" } + - { var: imap_auth_type, value: "'PLAIN'" } + - { var: imap_cache, value: "null" } + - { var: imap_timeout, value: "180" } + - { var: messages_cache, value: "false" } # SMTP - { var: smtp_server, value: "'localhost'" } - { var: smtp_port, value: "2525" } # System - { var: force_https, value: "true" } - { var: login_autocomplete, value: "2" } - { var: skin_logo, value: "'/images/fripost_logo.png'" } - { var: username_domain, value: "'fripost.org'" } - { var: product_name, value: "'Fripost Webmail'" } # Plugins - { var: plugins, value: "array('archive','additional_message_headers','managesieve','password')" } # Spell Checking - { var: enable_spellcheck, value: "'true'" } - { var: spellcheck_engine, value: "'enchant'" } - { var: spellcheck_languages, value: "array('da','de','en','es','fr','no','sv')" } # User Interface - { var: skin, value: "'larry'" } - { var: language, value: "'sv_SE'" } - { var: create_default_folders, value: "true" } - { var: support_url, value: "'https://fripost.org/kontakt/'" } diff --git a/roles/webmail/templates/etc/roundcube/plugins/managesieve/config.inc.php.j2 b/roles/webmail/templates/etc/roundcube/plugins/managesieve/config.inc.php.j2 index 6ad7343..dcaca06 100644 --- a/roles/webmail/templates/etc/roundcube/plugins/managesieve/config.inc.php.j2 +++ b/roles/webmail/templates/etc/roundcube/plugins/managesieve/config.inc.php.j2 @@ -1,61 +1,61 @@ <?php // managesieve server port. When empty the port will be determined automatically // using getservbyname() function, with 4190 as a fallback. $config['managesieve_port'] = 4190; // managesieve server address, default is localhost. // Replacement variables supported in host name: // %h - user's IMAP hostname // %n - http hostname ($_SERVER['SERVER_NAME']) // %d - domain (http hostname without the first part) // For example %n = mail.domain.tld, %d = domain.tld -$config['managesieve_host'] = 'sieve.fripost.org'; +$config['managesieve_host'] = '{{ ipsec[imapsvr.inventory_hostname_short] }}'; // authentication method. Can be CRAM-MD5, DIGEST-MD5, PLAIN, LOGIN, EXTERNAL // or none. Optional, defaults to best method supported by server. $config['managesieve_auth_type'] = 'PLAIN'; // Optional managesieve authentication identifier to be used as authorization proxy. // Authenticate as a different user but act on behalf of the logged in user. // Works with PLAIN and DIGEST-MD5 auth. $config['managesieve_auth_cid'] = null; // Optional managesieve authentication password to be used for imap_auth_cid $config['managesieve_auth_pw'] = null; // use or not TLS for managesieve server connection // Note: tls:// prefix in managesieve_host is also supported -$config['managesieve_usetls'] = true; +$config['managesieve_usetls'] = false; // Connection scket context options // See http://php.net/manual/en/context.ssl.php // The example below enables server certificate validation -$config['managesieve_conn_options'] = array( - 'ssl' => array( - 'verify_peer' => true, - 'disable_compression' => true, - 'ciphers' => 'EECDH+AES!MEDIUM!LOW!EXP!aNULL!eNULL', - 'peer_fingerprint' => array('sha1' => '{{ lookup('pipe', 'openssl x509 -in certs/public/imap.fripost.org.pem -noout -fingerprint -sha1 | sed "s/[^=]*=\s*//" | tr -d :') }}'), - ), - ); +//$config['managesieve_conn_options'] = array( +// 'ssl' => array( +// 'verify_peer' => true, +// 'verify_depth' => 3, +// 'cafile' => '/etc/openssl/certs/ca.crt', +// ), +// ); +$config['managesieve_conn_options'] = null; // default contents of filters script (eg. default spam filter) $config['managesieve_default'] = '/etc/dovecot/sieve/global'; // The name of the script which will be used when there's no user script $config['managesieve_script_name'] = 'managesieve'; // Sieve RFC says that we should use UTF-8 endcoding for mailbox names, // but some implementations does not covert UTF-8 to modified UTF-7. // Defaults to UTF7-IMAP $config['managesieve_mbox_encoding'] = 'UTF-8'; // I need this because my dovecot (with listescape plugin) uses // ':' delimiter, but creates folders with dot delimiter $config['managesieve_replace_delimiter'] = ''; // disabled sieve extensions (body, copy, date, editheader, encoded-character, // envelope, environment, ereject, fileinto, ihave, imap4flags, index, // mailbox, mboxmetadata, regex, reject, relational, servermetadata, // spamtest, spamtestplus, subaddress, vacation, variables, virustest, etc. diff --git a/webmail.yml b/webmail.yml index 0ef0487..cd5100f 100644 --- a/webmail.yml +++ b/webmail.yml @@ -1,5 +1,5 @@ --- - name: Configure the webmail hosts: webmail roles: - - webmail + - { role: webmail, imapsvr: "{{ hostvars[groups.IMAP[0]] }}" } |