85 lines
2.3 KiB
Ruby
85 lines
2.3 KiB
Ruby
#
|
|
# Cookbook:: kosmos_email
|
|
# Recipe:: dovecot
|
|
#
|
|
|
|
%w[
|
|
dovecot-core
|
|
dovecot-imapd
|
|
dovecot-ldap
|
|
dovecot-lmtpd
|
|
dovecot-pop3d
|
|
].each do |pkg|
|
|
apt_package pkg
|
|
end
|
|
|
|
domain = node["email"]["domain"]
|
|
hostname = node["email"]["hostname"]
|
|
ip_addr = node["knife_zero"]["host"]
|
|
|
|
credentials = Chef::EncryptedDataBagItem.load('credentials', 'email')
|
|
|
|
user "vmail" do
|
|
gid "mail"
|
|
system true
|
|
manage_home false
|
|
end
|
|
|
|
template "/etc/dovecot/dovecot.conf" do
|
|
source "dovecot.conf.erb"
|
|
mode 0644
|
|
# TODO variables protocols: "imap pop3 lmtp"
|
|
variables protocols: "imap lmtp",
|
|
# TODO find by email_proxy role
|
|
haproxy_trusted_networks: "10.1.1.167/32"
|
|
notifies :restart, "service[dovecot]", :delayed
|
|
end
|
|
|
|
template "/etc/dovecot/dovecot-ldap.conf.ext" do
|
|
source "dovecot-ldap.conf.ext.erb"
|
|
mode 0600
|
|
variables uris: "ldap://ldap.kosmos.local", # TODO add list of all IPs instead?
|
|
dn: credentials['ldap_dn'],
|
|
dnpass: credentials['ldap_dnpass'],
|
|
base: "ou=kosmos.org,cn=users,dc=kosmos,dc=org",
|
|
user_attrs: "mailhome=home",
|
|
user_filter: "(&(objectClass=person)(cn=%u))",
|
|
pass_attrs: "cn=user,mailpassword=password",
|
|
pass_filter: "(&(objectClass=person)(cn=%u))",
|
|
default_pass_scheme: "BLF-CRYPT"
|
|
notifies :restart, "service[dovecot]", :delayed
|
|
end
|
|
|
|
template "/etc/dovecot/conf.d/10-auth.conf" do
|
|
source "dovecot_10-auth.conf.erb"
|
|
mode 0644
|
|
notifies :restart, "service[dovecot]", :delayed
|
|
end
|
|
|
|
template "/etc/dovecot/conf.d/10-mail.conf" do
|
|
source "dovecot_10-mail.conf.erb"
|
|
mode 0644
|
|
variables mail_uid: "vmail",
|
|
mail_gid: "mail"
|
|
notifies :restart, "service[dovecot]", :delayed
|
|
end
|
|
|
|
template "/etc/dovecot/conf.d/10-master.conf" do
|
|
source "dovecot_10-master.conf.erb"
|
|
mode 0644
|
|
notifies :restart, "service[dovecot]", :delayed
|
|
end
|
|
|
|
template "/etc/dovecot/conf.d/10-ssl.conf" do
|
|
source "dovecot_10-ssl.conf.erb"
|
|
mode 0644
|
|
variables ssl: "required",
|
|
ssl_cert: node['postfix']['main']['smtpd_tls_cert_file'],
|
|
ssl_key: node['postfix']['main']['smtpd_tls_key_file']
|
|
notifies :restart, "service[dovecot]", :delayed
|
|
end
|
|
|
|
service "dovecot" do
|
|
action [:enable, :start]
|
|
end
|