summaryrefslogtreecommitdiffstats
path: root/roles/IMAP-proxy
diff options
context:
space:
mode:
Diffstat (limited to 'roles/IMAP-proxy')
-rw-r--r--roles/IMAP-proxy/files/etc/stunnel/roundcube.conf (renamed from roles/IMAP-proxy/files/etc/stunnel/imap.conf)2
-rw-r--r--roles/IMAP-proxy/tasks/main.yml4
2 files changed, 3 insertions, 3 deletions
diff --git a/roles/IMAP-proxy/files/etc/stunnel/imap.conf b/roles/IMAP-proxy/files/etc/stunnel/roundcube.conf
index af29023..c14bac3 100644
--- a/roles/IMAP-proxy/files/etc/stunnel/imap.conf
+++ b/roles/IMAP-proxy/files/etc/stunnel/roundcube.conf
@@ -1,30 +1,30 @@
; **************************************************************************
; * Global options *
; **************************************************************************
; setuid()/setgid() to the specified user/group in daemon mode
setuid = stunnel4
setgid = stunnel4
; PID is created inside the chroot jail
-pid = /var/run/stunnel4/imap.pid
+pid = /var/run/stunnel4/roundcube.pid
; Only log messages at severity warning (4) and higher
debug = 4
; **************************************************************************
; * Service defaults may also be specified in individual service sections *
; **************************************************************************
; Certificate/key is needed in server mode and optional in client mode
;cert = /etc/stunnel/mail.pem
;key = /etc/stunnel/mail.pem
client = yes
socket = a:SO_BINDTODEVICE=lo
; Some performance tunings
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
; Prevent MITM attacks
verify = 4
diff --git a/roles/IMAP-proxy/tasks/main.yml b/roles/IMAP-proxy/tasks/main.yml
index 18ad4d6..587fc62 100644
--- a/roles/IMAP-proxy/tasks/main.yml
+++ b/roles/IMAP-proxy/tasks/main.yml
@@ -65,33 +65,33 @@
# peer certificate) doesn't always work:
# https://www.stunnel.org/pipermail/stunnel-users/2013-July/004249.html
assemble: src=certs/dovecot remote_src=no
dest=/etc/stunnel/certs/imap.fripost.org.pem
owner=root group=root
mode=0644
register: r1
notify:
- Restart stunnel
- name: Copy slapd's X.509 certificate
copy: src=certs/ldap/ldap.fripost.org.pem
dest=/etc/stunnel/certs/ldap.fripost.org.pem
owner=root group=root
mode=0644
register: r2
notify:
- Restart stunnel
- name: Configure stunnel
- copy: src=etc/stunnel/imap.conf
- dest=/etc/stunnel/imap.conf
+ copy: src=etc/stunnel/roundcube.conf
+ dest=/etc/stunnel/roundcube.conf
owner=root group=root
mode=0644
register: r3
notify:
- Restart stunnel
- name: Start stunnel
service: name=stunnel4 pattern=/usr/bin/stunnel4 state=started
when: not (r1.changed or r2.changed or r3.changed)
- meta: flush_handlers
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-22 14:24:54 +0000