add postfixadmin_permit_inactive_user_nosmtp option

s3lph 2021-10-20 04:51:35 +02:00
parent b5081d16ee
commit 9fc70d8cc7
3 changed files with 13 additions and 1 deletions
README.md
roles/postfixadmin
defaults
templates/etc/dovecot


@ -105,6 +105,10 @@ postfixadmin_transport_options:
- lmtp:unix:private/dovecot-lmtp
# Base URL is needed to call the bootstrap API
postfixadmin_base_url: https://example.org/postfixadmin
# If set to yes/true, this option permits login for inactive users, but only if the service is NOT smtp.
# This permits disabled users to still read their mail, but will not allow them to send mail.
postfixadmin_permit_inactive_user_nosmtp: yes
```
As this role involves some secrets, you should put the following


@ -71,6 +71,7 @@ postfixadmin_database_postfix_user: postfix
postfixadmin_database_postfix_hosts: 'unix:/run/mysqld/mysqld.sock'
postfixadmin_database_dovecot_user: postfix
postfixadmin_database_dovecot_hosts: '/run/mysqld/mysqld.sock'
postfixadmin_permit_inactive_user_nosmtp: no
virtual_mail_home: /home/virtual
virtual_mail_uid: virtual


@ -3,5 +3,12 @@
driver = mysql
connect = host={{ postfixadmin_database_dovecot_hosts }} dbname={{ postfixadmin_database_name }} user={{ postfixadmin_database_dovecot_user }} password={{ postfixadmin_database_dovecot_password }}
default_pass_scheme = BLF-CRYPT
{% if postfixadmin_permit_inactive_user_nosmtp %}
# '%s'<>'smtp' permits login for inactive users, but only if the service is NOT smtp.
# This permits disabled users to still read their mail, but will not allow them to send mail.
password_query = SELECT username AS user,password FROM mailbox WHERE username = '%u' AND ( active='1' OR '%s'<>'smtp' )
user_query = SELECT CONCAT('{{ virtual_mail_home }}', maildir) AS home, {{ virtual_mail_numeric_uid }} AS uid, {{ virtual_mail_numeric_gid }} AS gid, CONCAT('*:bytes=', quota) AS quota_rule FROM mailbox WHERE username = '%u' AND ( active='1' OR '%s'<>'smtp' )
{% else %}
password_query = SELECT username AS user,password FROM mailbox WHERE username = '%u' AND active='1'
user_query = SELECT CONCAT('{{ virtual_mail_home }}', maildir) AS home, {{ virtual_mail_numeric_uid }} AS uid, {{ virtual_mail_numeric_gid }} AS gid, CONCAT('*:bytes=', quota) AS quota_rule FROM mailbox WHERE username = '%u' AND active='1'
user_query = SELECT CONCAT('{{ virtual_mail_home }}', maildir) AS home, {{ virtual_mail_numeric_uid }} AS uid, {{ virtual_mail_numeric_gid }} AS gid, CONCAT('*:bytes=', quota) AS quota_rule FROM mailbox WHERE username = '%u' AND active='1'
{% endif %}
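Review bot: The inactive-user branch of `password_query` and `user_query` uses a deny-list, `'%s'<>'smtp'`, so an inactive account is accepted for every Dovecot service other than `smtp`, not only for reading mail. If ManageSieve or Dovecot's own submission service is enabled on the host (not visible in this commit), a disabled user could presumably still authenticate there, and a userdb lookup made for LMTP delivery would match as well. An allow-list states the intent given in the comment more precisely, e.g. `AND ( active='1' OR '%s' IN ('imap','pop3') )`. Separately, `{% if postfixadmin_permit_inactive_user_nosmtp %}` treats a string value such as `"no"` as true, so `{% if postfixadmin_permit_inactive_user_nosmtp | bool %}` keeps the strict query when the variable arrives as a string.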