From e2ddcfc51f66c2a52a401064eab005e793f148ee Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem@fripost.org>
Date: Sun, 9 Dec 2018 18:41:06 +0100
Subject: Update 'IMAP', 'MSA' and 'LDAP-provider' roles to Debian Stretch.

---
 .../IMAP/templates/etc/dovecot/conf.d/10-master.conf.j2 | 17 +++++++++++++----
 roles/IMAP/templates/etc/postfix/main.cf.j2             |  8 +++++---
 2 files changed, 18 insertions(+), 7 deletions(-)

(limited to 'roles/IMAP/templates')

diff --git a/roles/IMAP/templates/etc/dovecot/conf.d/10-master.conf.j2 b/roles/IMAP/templates/etc/dovecot/conf.d/10-master.conf.j2
index b7aead3..1bf13b0 100644
--- a/roles/IMAP/templates/etc/dovecot/conf.d/10-master.conf.j2
+++ b/roles/IMAP/templates/etc/dovecot/conf.d/10-master.conf.j2
@@ -57,7 +57,6 @@ service lmtp {
   user = vmail
 
   unix_listener /var/spool/postfix-{{ postfix_instance.IMAP.name }}/private/dovecot-lmtpd {
-    group = postfix
     user = postfix
     mode = 0600
   }
@@ -80,6 +79,18 @@ service imap {
 
   # Max. number of IMAP processes (connections)
   #process_limit = 1024
+
+  unix_listener imap-master {
+    user = $default_internal_user
+    mode = 0600
+  }
+}
+
+service imap-hibernate {
+  unix_listener imap-hibernate {
+    user = vmail
+    mode = 0600
+  }
 }
 
 service pop3 {
@@ -102,14 +113,12 @@ service auth {
   # something else than 0666 and Dovecot lets the kernel enforce the
   # permissions (e.g. 0777 allows everyone full permissions).
   unix_listener auth-userdb {
-    mode = 0600
     user = vmail
-    group = root
+    mode = 0600
   }
 
   # Postfix smtp-auth
   unix_listener /var/spool/postfix-{{ postfix_instance.MSA.name }}/private/dovecot-auth {
-    group = postfix
     user = postfix
     mode = 0600
   }
diff --git a/roles/IMAP/templates/etc/postfix/main.cf.j2 b/roles/IMAP/templates/etc/postfix/main.cf.j2
index f819b19..2105d29 100644
--- a/roles/IMAP/templates/etc/postfix/main.cf.j2
+++ b/roles/IMAP/templates/etc/postfix/main.cf.j2
@@ -4,9 +4,11 @@
 # {{ ansible_managed }}
 # Do NOT edit this file directly!
 
-smtpd_banner     = $myhostname ESMTP $mail_name (Debian/GNU)
-biff             = no
-readme_directory = no
+smtpd_banner        = $myhostname ESMTP $mail_name (Debian/GNU)
+biff                = no
+readme_directory    = no
+compatibility_level = 2
+smtputf8_enable     = no
 
 delay_warning_time     = 4h
 maximal_queue_lifetime = 5d
-- 
cgit v1.2.3