Add dovecot master passdb

galaxy.yml

@@ -8,7 +8,7 @@ namespace: s3lph
 name: mailserver
 
 # The version of the collection. Must be compatible with semantic versioning
-version: '0.2.1'
+version: '0.2.2'
 
 # The path to the Markdown (.md) readme file. This path is relative to the root of the collection
 readme: README.md

roles/dovecot/defaults/main/userdb.yml

@@ -5,3 +5,7 @@ dovecot_userdb_basedir: /etc/dovecot/userdb
 dovecot_passdb_scheme: BLF-CRYPT
 dovecot_passdb_filename: /etc/dovecot/userdb/%d
 dovecot_passdb_user_format: "%u"
+
+dovecot_master_passdb_enable: no
+dovecot_master_passdb: {}
+master_user_separator: ";"

roles/dovecot/tasks/config.yml

@@ -8,3 +8,14 @@
     group: dovecot
     mode: 0640
   notify: restart dovecot
+
+- name: render /etc/dovecot/master.passwd
+  ansible.builtin.template:
+    src: etc/dovecot/passwd-file.j2
+    dest: /etc/dovecot/master.passwd
+    owner: root
+    group: dovecot
+    mode: 0640
+  vars:
+    passwd: "{{ dovecot_master_passdb | dict2items(key_name='username', value_name='password') }}"
+    passdb_only: yes

roles/dovecot/templates/etc/dovecot/dovecot.conf.j2

@@ -233,6 +233,16 @@ passdb {
   args = /etc/dovecot/dovecot-sql.conf
 }
 
+{% if dovecot_master_passdb_enable %}
+master_user_separator = {{ dovecot_master_user_separator }}
+passdb {
+  driver = passwd-file
+  args = /etc/dovecot/master.passwd
+  master = yes
+  result_success = continue
+}
+{% endif %}
+
 ##
 ## Mailbox locations and namespaces
 ##

roles/dovecot/templates/etc/dovecot/passwd-file.j2

@@ -0,0 +1,16 @@
+{{ ansible_managed | comment }}
+{% for user in passwd %}
+{{ user.username -}}
+:
+{{- user.password -}}
+{%- if not passdb_only | default(false) -%}
+:
+{{- user.uid | default('') -}}
+:
+{{- user.gid | default('') -}}
+::
+{{- user.home | default('') -}}
+::
+{{- user.extra_fields | default('') -}}
+{%- endif %}
+{% endfor %}