diff options
author | root@culturestrings <root@culturestrings> | 2020-08-29 00:17:21 +0000 |
---|---|---|
committer | root@culturestrings <root@culturestrings> | 2020-08-29 00:17:21 +0000 |
commit | 72d73f05769ff86b80a8da71e275ac8174a328dc (patch) | |
tree | 9ff074bb995c826976452bfba257e2013c5d1c33 /public | |
parent | 2212c085c96f20716dc3bcd3e4efd789e551bc72 (diff) | |
download | culturestrings-72d73f05769ff86b80a8da71e275ac8174a328dc.tar.bz2 culturestrings-72d73f05769ff86b80a8da71e275ac8174a328dc.tar.xz |
dovecot: initial configuration (imap only, require client certificate).
Diffstat (limited to 'public')
-rw-r--r-- | public/fs/etc/dovecot/conf.d/10-auth.conf | 19 | ||||
-rw-r--r-- | public/fs/etc/dovecot/conf.d/10-ssl.conf | 6 | ||||
-rwxr-xr-x | public/fs/etc/dovecot/dovecot-conf.sh | 13 | ||||
-rw-r--r-- | public/fs/etc/dovecot/dovecot.conf.in | 7 |
4 files changed, 45 insertions, 0 deletions
diff --git a/public/fs/etc/dovecot/conf.d/10-auth.conf b/public/fs/etc/dovecot/conf.d/10-auth.conf new file mode 100644 index 0000000..73d15c4 --- /dev/null +++ b/public/fs/etc/dovecot/conf.d/10-auth.conf @@ -0,0 +1,19 @@ +auth_debug = yes +auth_debug_passwords = yes + +auth_ssl_require_client_cert = yes +auth_ssl_username_from_cert = yes + +auth_mechanisms = plain external + +passdb { + driver = passwd-file + args = scheme=PLAIN username_format=%u /etc/dovecot/users + mechanisms = plain external + override_fields = nopassword +} + +userdb { + driver = passwd-file + args = /etc/passwd +} diff --git a/public/fs/etc/dovecot/conf.d/10-ssl.conf b/public/fs/etc/dovecot/conf.d/10-ssl.conf new file mode 100644 index 0000000..ae9669b --- /dev/null +++ b/public/fs/etc/dovecot/conf.d/10-ssl.conf @@ -0,0 +1,6 @@ +ssl_ca = </etc/dovecot/ssl/ca.pem +ssl_cert = </etc/dovecot/ssl/fullchain.pem +ssl_key = </etc/dovecot/ssl/privkey.pem + +ssl_require_crl = yes +ssl_verify_client_cert = yes diff --git a/public/fs/etc/dovecot/dovecot-conf.sh b/public/fs/etc/dovecot/dovecot-conf.sh new file mode 100755 index 0000000..c0d6366 --- /dev/null +++ b/public/fs/etc/dovecot/dovecot-conf.sh @@ -0,0 +1,13 @@ +#!/bin/sh + +set -eu + +sitezone="$1" + +cfg_script="$0" +cfg_srcdir=$(cd -- "${cfg_script%/*}/" ; pwd -P) + +source /root/config/private/config/hostinfo/${sitezone} + +sed -e 's/@imaphost@/'"${imaphost}"'/g' \ + "${cfg_srcdir}/dovecot.conf.in" diff --git a/public/fs/etc/dovecot/dovecot.conf.in b/public/fs/etc/dovecot/dovecot.conf.in new file mode 100644 index 0000000..6526c58 --- /dev/null +++ b/public/fs/etc/dovecot/dovecot.conf.in @@ -0,0 +1,7 @@ +hostname = @imaphost@ +protocols = imap + +ssl = required +verbose_ssl = yes + +!include conf.d/*.conf |