---

# Ansible role argument specification: declares the variables accepted by the
# role's "main" entry point together with their types and defaults.
argument_specs:

  main:
    version_added: '0.0.1'
    short_description: Install and configure Dovecot.
    description:
      - 'Install and configure the L(Dovecot,https://www.dovecot.org/) IMAP server.'
      - 'Execution of this role can be limited using the following tags:'
      - 'C(role::dovecot:virtual): Create user and group for virtual mail ownership.'
      - 'C(role::dovecot:install): Install Dovecot from distribution packages.'
      - 'C(role::dovecot:config): Render the Dovecot configuration file.'
      - 'C(role::dovecot): Apply all of the above.'
    author: s3lph
    # Role variables accepted by the "main" entry point.
    options:
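      # Greeting banner shown to connecting clients. Keep it free of version or
      # host details, since anyone who can reach the service can read it.
      dovecot_imap_greeting:
        # Key was misspelled "descrption", so this text was not recognised as
        # the option's description.
        description:
          - The greeting message displayed to clients.
        type: str
        default: "Dovecot ready."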
      # Host name Dovecot places into locally generated mail and LMTP replies.
      dovecot_hostname:
        description:
          - >-
            The hostname to be used in email messages sent out by the local delivery agent
            (such as the Message-ID: header) and in LMTP replies.
        type: str
        default: '{{ inventory_hostname }}'
      # Sender address used on rejection (bounce) messages.
      dovecot_lmtp_postmaster_address:
        description:
          - The From address from which email rejection messages (bounces) are sent.
        type: str
        default: 'root@localhost'
      # Cap on IMAP connections per user and source IP address.
      dovecot_imap_mail_max_userip_connections:
        description:
          - The maximum number of IMAP connections allowed for a user from each IP address.
        type: int
        default: 10

      # The certificate and key defaults point at the distribution's self-signed
      # "snakeoil" pair, which clients cannot validate. Override both paths with
      # a certificate and key issued for the mail host before exposing the service.
      dovecot_tls_cert_filename:
        description:
          - The PEM-encoded X.509 SSL/TLS certificate presented for incoming imap/pop3/etc. client connections.
        type: str
        default: '/etc/ssl/certs/ssl-cert-snakeoil.pem'
      # Private key belonging to dovecot_tls_cert_filename; the file it names
      # should be readable by privileged accounts only.
      dovecot_tls_key_filename:
        description:
          - The PEM-encoded X.509 SSL/TLS private key for ssl_cert.
        type: str
        default: '/etc/ssl/private/ssl-cert-snakeoil.key'
      # Diffie-Hellman parameters file. NOTE(review): the default looks like a
      # package-provided file; confirm it exists on the target system.
      dovecot_tls_dh_filename:
        description:
          - As of Dovecot v2.3, the path to the Diffie-Hellman parameters file must be provided.
          - This setting isn’t needed if using only ECDSA certificates.
        type: str
        default: '/usr/share/dovecot/dh.pem'

      # Protocol floor for TLS. Setting it below the default of TLSv1.2 would
      # re-enable deprecated protocol versions.
      dovecot_tls_min_version:
        description:
          - The minimum SSL protocol version Dovecot accepts.
          - This setting is used for both incoming and outgoing SSL connections.
        type: str
        default: 'TLSv1.2'
      # Colon-separated cipher string in preference order. Every suite in the
      # default combines ephemeral (EC)DHE key exchange with AES-GCM or
      # ChaCha20-Poly1305. Per the description it governs TLSv1.2 and below only.
      dovecot_tls_cipher_list:
        description:
          - The list of SSL ciphers to use for TLSv1.2 and below connections, in order of preference.
        type: str
        default: 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305'  # noqa yaml[line-length]

      # System account used for accessing mail messages. Typed as a string
      # because either a name or a numeric ID is accepted.
      virtual_mail_uid:
        description:
          - This setting indicates the system userid used for accessing mail messages.
          - If you use multiple values here, userdb can override them by returning UID or GID fields.
          - You can use either numeric IDs or usernames here.
        type: str
        default: 'virtual'
      # System group counterpart of virtual_mail_uid.
      virtual_mail_gid:
        description:
          - The system group ID used for accessing mail messages.
          - Can be either numeric IDs or group names.
          - If you use multiple values here, userdb can override them by returning the gid field.
        type: str
        default: 'virtual'
      # Home directory of the system account itself, not of individual mailbox users.
      virtual_mail_home:
        description:
          - System home directory of the virtual mail user.
          - "Note: This is NOT Dovecot's C(mail_home). See O(virtual_mail_user_home) instead."
        type: str
        default: '/home/virtual'
      # Per-user home directory. In the default, %d and %n are Dovecot variables
      # for the domain and the user part of the login name, so each mailbox user
      # resolves to its own directory.
      virtual_mail_user_home:
        description:
          - Home directory is a per-user directory where Dovecot can save user-specific files.
          - Never configure your userdb to return the same home directory for multiple users.
          - Home directory must be an absolute path.
        type: str
        default: '/home/virtual/%d/%n'
      # Mailbox storage location; the default is a Maildir below the per-user home.
      virtual_mail_location:
        description:
          - This setting indicates the location for users’ mailboxes.
          - See U(upstream documentation,https://doc.dovecot.org/2.3/configuration_manual/mail_location/#mail-location-settings).
        type: str
        default: 'maildir:~/Maildir'

      # Master users log in by naming themselves inside a normal username (see
      # dovecot_master_user_separator). The feature is off by default and should
      # only be enabled when that capability is needed.
      dovecot_master_passdb_enable:
        description:
          - C(true) if a master passdb should be created.
          - C(false) otherwise.
        type: bool
        default: false
      # Maps master usernames to password hashes. Supply the values from an
      # encrypted variable source (for example Ansible Vault) rather than plain
      # inventory files, and use a strong hashing scheme.
      dovecot_master_passdb:
        description:
          - Contents of the C(passwd-file) for the master passdb.
          - >-
            Dictionary of C(username: "{SCHEME}passwordhash") pairs.
        type: dict
        default: {}
      # Character separating the master username inside the login string.
      dovecot_master_user_separator:
        description:
          - >-
            The separator to use to enable master users to login by specifying the master username
            within the normal username string.
        type: str
        default: ';'

      # SASL authentication socket created for Postfix. The default owner, group
      # and mode restrict it to the postfix user; loosening the mode would let
      # other local accounts reach the authentication service.
      dovecot_postfix_auth_socket_filename:
        description:
          - Path to the SASL auth UNIX socket to create for Postfix.
        type: str
        default: '/var/spool/postfix/private/auth'
      # Kept as a quoted string so the leading zero of the octal mode survives YAML parsing.
      dovecot_postfix_auth_socket_mode:
        description:
          - Filesystem permissions for the Postfix SASL auth UNIX socket.
        type: str
        default: '0600'
      dovecot_postfix_auth_socket_owner:
        description:
          - Name of the owner of the Postfix SASL auth UNIX socket.
        type: str
        default: 'postfix'
      dovecot_postfix_auth_socket_group:
        description:
          - Name of the group of the Postfix SASL auth UNIX socket.
        type: str
        default: 'postfix'

      # LMTP socket for use by Postfix. The default owner, group and mode
      # restrict it to the postfix user, so other local accounts cannot open it.
      dovecot_postfix_lmtp_socket_filename:
        description:
          - Path to the LMTP UNIX socket for use by Postfix.
        type: str
        default: '/var/spool/postfix/private/dovecot-lmtp'
      # Kept as a quoted string so the leading zero of the octal mode survives YAML parsing.
      dovecot_postfix_lmtp_socket_mode:
        description:
          - Filesystem permissions for the Postfix LMTP UNIX socket.
        type: str
        default: '0600'
      dovecot_postfix_lmtp_socket_owner:
        description:
          - Name of the owner of the Postfix LMTP UNIX socket.
        type: str
        default: 'postfix'
      dovecot_postfix_lmtp_socket_group:
        description:
          - Name of the group of the Postfix LMTP UNIX socket.
        type: str
        default: 'postfix'

      # Sieve filtering and the ManageSieve service are both opt-in.
      dovecot_enable_pigeonhole:
        description:
          - C(true) if the Pigeonhole Sieve plugin should be enabled.
          - C(false) otherwise.
        type: bool
        default: false
      # NOTE(review): ManageSieve is a separate service for script management
      # and presumably listens on the network once enabled - confirm the
      # listener settings in the rendered configuration.
      dovecot_enable_pigeonhole_managesieve:
        description:
          - C(true) if the Pigeonhole ManageSieve service should be enabled.
          - C(false) otherwise.
        type: bool
        default: false
      # Script storage and active-script location; the default paths are relative to the user's home.
      dovecot_pigeonhole_sieve:
        description:
          - The location of the user’s main Sieve script or script storage.
          - The LDA Sieve plugin uses this to find the active script for Sieve filtering at delivery.
        type: str
        default: 'file:~/sieve;active=~/.dovecot.sieve'
      # Free-form text appended to the Dovecot configuration.
      # NOTE(review): presumably inserted without validation, so it could
      # override settings managed by the options of this role - confirm in the
      # template and limit who can set this variable.
      dovecot_additional_config:
        description:
          - Wildcard option to append arbitrary options to the Dovecot configuration.
          - Can be used to configure settings not covered by this role.
        type: str
        default: ''