chef/site-cookbooks/kosmos_email/recipes/dovecot.rb

#
# Cookbook:: kosmos_email
# Recipe:: dovecot
#

%w[
  dovecot-core
  dovecot-imapd
  dovecot-ldap
  dovecot-lmtpd
  dovecot-pop3d
].each do |pkg|
  apt_package pkg
end

domain   = node["email"]["domain"]
hostname = node["email"]["hostname"]
ip_addr  = node["knife_zero"]["host"]

ldap_search_base = node["email"]["ldap_search_base"]
ldap_user_filter = "(&(objectClass=person)(mailRoutingAddress=%u))"

credentials = Chef::EncryptedDataBagItem.load('credentials', 'email')

user "vmail" do
  gid "mail"
  system true
  manage_home false
end

directory "/var/vmail" do
  owner "vmail"
  group "mail"
end

template "/etc/dovecot/dovecot.conf" do
  source    "dovecot.conf.erb"
  mode      0644
  # TODO variables protocols: "imap pop3 lmtp"
  variables protocols: "imap lmtp",
            # TODO find by email_proxy role
            haproxy_trusted_networks: "10.1.1.167/32"
  notifies :restart, "service[dovecot]", :delayed
end

template "/etc/dovecot/dovecot-ldap.conf.ext" do
  source    "dovecot-ldap.conf.ext.erb"
  mode      0600
  variables uris: "ldap://ldap.kosmos.local", # TODO add list of all IPs instead?
            dn: credentials['ldap_dn'],
            dnpass: credentials['ldap_dnpass'],
            base: ldap_search_base,
            user_filter: ldap_user_filter,
            user_attrs: "",
            pass_filter: ldap_user_filter,
            pass_attrs: "mailRoutingAddress=user,mailpassword=password",
            default_pass_scheme: "BLF-CRYPT"
  notifies :restart, "service[dovecot]", :delayed
end

template "/etc/dovecot/conf.d/10-auth.conf" do
  source    "dovecot_10-auth.conf.erb"
  mode      0644
  notifies :restart, "service[dovecot]", :delayed
end

template "/etc/dovecot/conf.d/10-mail.conf" do
  source    "dovecot_10-mail.conf.erb"
  mode      0644
  variables mail_uid: "vmail",
            mail_gid: "mail",
            mail_location: "mbox:~/mail:INBOX=~/mail/INBOX",
            mail_home: "/var/vmail/%d/%n"
  notifies :restart, "service[dovecot]", :delayed
end

template "/etc/dovecot/conf.d/10-master.conf" do
  source    "dovecot_10-master.conf.erb"
  mode      0644
  notifies :restart, "service[dovecot]", :delayed
end

template "/etc/dovecot/conf.d/10-ssl.conf" do
  source    "dovecot_10-ssl.conf.erb"
  mode      0644
  variables ssl: "required",
            ssl_cert: node['postfix']['main']['smtpd_tls_cert_file'],
            ssl_key: node['postfix']['main']['smtpd_tls_key_file']
  notifies :restart, "service[dovecot]", :delayed
end

template "/etc/dovecot/conf.d/15-mailboxes.conf" do
  source    "dovecot_15-mailboxes.conf.erb"
  mode      0644
  notifies :restart, "service[dovecot]", :delayed
end

service "dovecot" do
  action [:enable, :start]
end