initial commit of file from CVS for smeserver-dovecot on Thu 26 Oct 11:25:44 BST 2023

2023-10-26 11:25:44 +01:00
parent 1cc640641d
commit ca0b639483
61 changed files with 766 additions and 2 deletions


@@ -0,0 +1 @@
enabled


@@ -0,0 +1 @@
enabled


@@ -0,0 +1 @@
service


@@ -0,0 +1 @@
143


@@ -0,0 +1 @@
private


@@ -0,0 +1 @@
enabled


@@ -0,0 +1 @@
configuration


@@ -0,0 +1 @@
993


@@ -0,0 +1 @@
private


@@ -0,0 +1 @@
enabled


@@ -0,0 +1 @@
configuration


@@ -0,0 +1 @@
110


@@ -0,0 +1 @@
private


@@ -0,0 +1 @@
enabled


@@ -0,0 +1 @@
configuration


@@ -0,0 +1 @@
995


@@ -0,0 +1 @@
private


@@ -0,0 +1 @@
enabled


@@ -0,0 +1 @@
configuration


@@ -0,0 +1 @@
enabled


@@ -0,0 +1 @@
enabled


@@ -0,0 +1,12 @@
{
# Those limits are now defined on the imap entry
foreach my $prop (qw/ConcurrencyLimit ConcurrencyLimitPerIP ProcessMemoryLimit/){
my $imaps_value = $DB->get_prop_and_delete('imaps', $prop);
next unless ($imaps_value);
my $imap_value = $DB->get_prop('imap', $prop);
next if ($imap_value);
$DB->set_prop('imap', $prop, $imaps_value);
}
}


@@ -0,0 +1,23 @@
{
# This limit is renamed after ProcessMemoryLimit for consistency with imap entry
foreach my $prop (qw/MemLimit/){
my $pop_value = $DB->get_prop_and_delete('pop3', $prop);
next unless ($pop_value);
my $curpop_value = $DB->get_prop('pop3', 'ProcessMemoryLimit');
next if ($curpop_value);
$DB->set_prop('pop3', 'ProcessMemoryLimit', $pop_value);
}
# Those limits are now defined on the pop entry
foreach my $prop (qw/MemLimit/){
my $pops_value = $DB->get_prop_and_delete('pop3s', $prop);
next unless ($pops_value);
my $pop_value = $DB->get_prop('pop3', 'ProcessMemoryLimit');
next if ($pop_value);
$DB->set_prop('pop3', 'ProcessMemoryLimit' , $imaps_value);
}
}
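Review bot: The last `set_prop` call in the second loop writes `$imaps_value`, which is never declared in this fragment; the value just read from the `pop3s` record is `$pops_value`. Because `get_prop_and_delete` has already removed `MemLimit` from `pop3s` by then, the migrated limit is lost (an undefined value is stored, or the fragment fails to compile under `use strict`). The call should be `$DB->set_prop('pop3', 'ProcessMemoryLimit', $pops_value);`.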


@@ -0,0 +1,5 @@
{
foreach my $sservice qw(imap imaps pop3 pop3s) {
$DB->set_prop($sservice, "type", "configuration") if ${$sservice}{type} eq "service";
}
}
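Review bot: `foreach my $sservice qw(imap imaps pop3 pop3s) {` uses a bare `qw` list in place of the loop parentheses, which Perl 5.18 and later reject as a syntax error; write `foreach my $sservice (qw(imap imaps pop3 pop3s)) {`. The condition `${$sservice}{type}` is a symbolic reference to a hash named by the loop variable, so it fails under `use strict 'refs'` and compares an undefined value when a record has no `type`. Reading the value with `$DB->get_prop($sservice, 'type')`, as the sibling migrate fragments do for other properties, avoids both problems.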


@@ -0,0 +1,34 @@
#!/usr/bin/perl -w
# This script just ensure the dovecot service is enabled
# if imap or imaps is enabled
# It will also entirely disable the dovecot service if both imap,
# imaps pop3 and pop3s are disabled
use esmith::ConfigDB;
my $c = esmith::ConfigDB->open() or die "Couldn't open Config DB\n";
my $imap = $c->get('imap');
my $imaps = $c->get('imaps');
my $pop = $c->get('pop3');
my $pops = $c->get('pop3s');
my $dovecot = $c->get('dovecot') || $c->new_record('dovecot',
{ type => 'service',
status => 'enabled'});
my $imapStatus = $imap->prop('status') || 'enabled';
my $imapsStatus = $imaps->prop('status') || 'enabled';
my $popStatus = $pop->prop('status') || 'enabled';
my $popsStatus = $pops->prop('status') || 'enabled';
if ($imapStatus eq 'enabled' or $imapsStatus eq 'enabled' or $popStatus eq 'enabled' or $popsStatus eq 'enabled'){
$dovecot->set_prop('status', 'enabled');
}
else{
$dovecot->set_prop('status', 'disabled');
}
# also if /etc/pam.d/pop3 exists we unlink it, as it was needed by former e-smith-pop3
unlink('/etc/pam.d/pop3');
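Review bot: The records returned by `$c->get('imap')`, `get('imaps')`, `get('pop3')` and `get('pop3s')` are dereferenced without a check, so a missing record makes the `->prop('status')` call die before the dovecot status is written; only the `dovecot` record has a `new_record` fallback. A guarded form such as `my $imapStatus = ($imap && $imap->prop('status')) || 'enabled';` keeps the script running. The fallback here is `'enabled'` while the templates on this page default the same property to `'disabled'`, which deserves a comment saying which is intended. The script also has no `use strict;`.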


@@ -0,0 +1,2 @@
sigusr1
sighup


@@ -0,0 +1,4 @@
TEMPLATE_PATH="/home/e-smith/ssl.pem"
OUTPUT_FILENAME="/etc/dovecot/ssl/imapd.pem"
GID="stunnel"
PERMS=0640
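Review bot: `GID="stunnel"` with `PERMS=0640` makes /etc/dovecot/ssl/imapd.pem readable by group `stunnel`, and the ssl fragment on this page uses that file as both `ssl_cert` and `ssl_key`, so the private key is group-readable. This looks like a carry-over from an stunnel-based setup (to be confirmed); if only dovecot reads the file, `GID="root"` with `PERMS=0600` would be the narrower setting. A comment recording why the group needs access would help if it is kept.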


@@ -0,0 +1,8 @@
{
our $proto = '';
if ((($imap{'status'} || 'disabled') eq 'enabled') ||
(($imaps{'status'} || 'disabled') eq 'enabled')){
$proto .= "imap";
}
$OUT .= "";
}


@@ -0,0 +1,8 @@
{
if ((($pop3{'status'} || 'disabled') eq 'enabled') ||
(($pop3s{'status'} || 'disabled') eq 'enabled')) {
$proto .= " pop3";
}
$OUT .= "";
}


@@ -0,0 +1 @@
protocols = {$proto}


@@ -0,0 +1,6 @@
{
$OUT = "#only accept username as default, not " unless ($dovecot{AcceptFullEmail} || "enabled" ) eq "enabled";
$OUT = "auth_username_format = \%n";
}
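Review bot: The second statement assigns with `=` rather than `.=`, so it overwrites the comment prefix set on the line before and `auth_username_format = %n` is emitted whatever `AcceptFullEmail` holds. If the intent is to comment the directive out when the property is not enabled, the line should be `$OUT .= "auth_username_format = \%n";`. A short comment stating what the property is meant to switch would also help, since the prefix text ends mid-sentence.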


@@ -0,0 +1,23 @@
{
our $args = $dovecot{PassDBArgs} || '';
}
passdb \{
driver = pam
{ $OUT .= ($args ne '') ? "args = $args\n" : ''; }
\}
{
if (($dovecot{'AdminIsMaster'} || 'disabled') eq 'enabled'){
$OUT .=<<"HERE";
passdb {
driver = pam
args = $args dovecotadmin
master = yes
}
auth_master_user_separator = *
HERE
}
}
userdb \{
driver = passwd
\}
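Review bot: The `AdminIsMaster` branch has no comment stating its effect: with `master = yes` and `auth_master_user_separator = *`, any account accepted by the `dovecotadmin` PAM service can open every user's mailbox. I would add a comment above the `if`, for example `# AdminIsMaster: accounts accepted by PAM service "dovecotadmin" may open any mailbox; keep the allow-list minimal`. `$args` comes from `PassDBArgs` and is interpolated unchecked into both `args =` lines, so rejecting values that contain newlines or braces would stop a malformed property from adding directives to dovecot.conf.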


@@ -0,0 +1,4 @@
log_path = syslog
# we choose same as rsyslog for SME "%b %e %H:%M:%S " and not "%b %d %H:%M:%S "
log_timestamp = "%b %e %H:%M:%S "
auth_verbose = yes


@@ -0,0 +1,3 @@
mail_location = maildir:~/Maildir
first_valid_uid = 101


@@ -0,0 +1,22 @@
{
my $ConcurrencyLimit = $imap{ConcurrencyLimit} || '400';
my $ConcurrencyLimitPerIP = $imap{ConcurrencyLimitPerIP} || '12';
my $ProcessMemoryLimit = $imap{ProcessMemoryLimit} || '256000000';
my $greeting = $imap{'Greeting'} || $dovecot{'Greeting'} || 'SME Server IMAP service powered by dovecot';
$OUT .=<<"END";
service imap {
process_limit = $ConcurrencyLimit
vsz_limit = $ProcessMemoryLimit
client_limit = 1
}
protocol imap {
login_greeting = $greeting
mail_max_userip_connections = $ConcurrencyLimitPerIP
}
END
}
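Review bot: `$ConcurrencyLimit`, `$ConcurrencyLimitPerIP` and `$ProcessMemoryLimit` are copied from the configuration database into dovecot.conf without checking that they are integers, and `$greeting` is copied without stripping newlines. A guard such as `$ConcurrencyLimit = '400' unless $ConcurrencyLimit =~ /\A\d+\z/;` keeps a mistyped property from producing a configuration dovecot will not load. The pop3 fragment that follows has the same pattern.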


@@ -0,0 +1,23 @@
{
my $ConcurrencyLimit = $pop3{ConcurrencyLimit} || '40';
my $ConcurrencyLimitPerIP = $pop3{ConcurrencyLimitPerIP} || '4';
my $ProcessMemoryLimit = $pop3{ProcessMemoryLimit} || '40000000';
my $greeting = $pop3{'Greeting'} || $dovecot{'Greeting'} || 'SME Server POP3 service powered by dovecot';
$OUT .=<<"END";
service pop3 {
process_limit = $ConcurrencyLimit
vsz_limit = $ProcessMemoryLimit
client_limit = 1
}
protocol pop3 {
mail_max_userip_connections = $ConcurrencyLimitPerIP
login_greeting = $greeting
}
END
}


@@ -0,0 +1,66 @@
{
# (($imap{'status'} || 'disabled') eq 'disabled') to remove if we use for pop3, to test
if ((($imap{'status'} || 'disabled') eq 'disabled') ||
(($imap{'AllowPlainText'} || 'enabled') eq 'disabled')){
$OUT .= "disable_plaintext_auth = yes\n";
}
else {
$OUT .= "disable_plaintext_auth = no\n";
}
}
{
# TODO IPV6 ::
$LOCALIP = $LocalIP;
$EXTERNALIP = $ExternalIP || "";
$imapPort = $imap{'TCPPort'} || '110';
$imapsPort = $imaps{'TCPPort'} || '995';
$imapStatus = $imap{'status'} || 'disabled';
$imapsStatus = $imaps{'status'} || 'disabled';
$imapAccess = $imap{'access'} || 'localhost';
$imapsAccess = $imaps{'access'} || 'private';
$imapListenIP = $imap{'ListenIP'} || '';
$imapsListenIP = $imaps{'ListenIP'} || '';
if ($imapStatus eq 'disabled') {
$imapAddress = '127.0.0.1';
$imapPort='0';
} elsif ($imapAccess eq 'localhost') {
$imapAddress = '127.0.0.1';
} elsif ($imapAccess eq 'private') {
$imapAddress = "127.0.0.1 $LOCALIP";
} elsif ($imapAccess eq 'public') {
$imapAddress = "127.0.0.1 $LOCALIP $EXTERNALIP";
}
$imapAddress .= " $imapListenIP";
if ($imapsStatus eq 'disabled') {
$imapsAddress = '127.0.0.1';
$imapsPort='0';
} elsif ($imapsAccess eq 'localhost') {
$imapsAddress = '127.0.0.1';
} elsif ($imapsAccess eq 'private') {
$imapsAddress = "127.0.0.1 $LOCALIP";
} elsif ($imapsAccess eq 'public') {
$imapsAddress = "127.0.0.1 $LOCALIP $EXTERNALIP";
}
$imapsAddress .= " $imapsListenIP";
$OUT .= "service imap-login \{
inet_listener imap \{
port = $imapPort
address = $imapAddress
\}
inet_listener imaps \{
port = $imapsPort
ssl = yes
address = $imapsAddress
\}
service_count = 0
process_min_avail = 2
\}";
}
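Review bot: The fallback ports on the `$imapPort` and `$imapsPort` lines are `'110'` and `'995'`, which are the POP3 ports also used as fallbacks in the pop3-login fragment; the defaults added elsewhere in this commit are 143 and 993. They should read `$imapPort = $imap{'TCPPort'} || '143';` and `$imapsPort = $imaps{'TCPPort'} || '993';`, otherwise a record without `TCPPort` makes both login services claim the same ports. Separately, the `if`/`elsif` chains on `$imapAccess` and `$imapsAccess` have no final `else` and the variables are not declared with `my`, so an unexpected `access` value leaves the address unset or carrying a value from an earlier expansion. A closing `else { $imapAddress = '127.0.0.1'; }` would fail closed, and the pop3-login fragment has the same missing `else`.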


@@ -0,0 +1,54 @@
{
# TODO IPV6 ::
$LOCALIP = $LocalIP;
$EXTERNALIP = $ExternalIP || "";
$popPort = $pop3{'TCPPort'} || '110';
$popsPort = $pop3s{'TCPPort'} || '995';
$popStatus = $pop3{'status'} || 'disabled';
$popsStatus = $pop3s{'status'} || 'disabled';
$popAccess = $pop3{'access'} || 'localhost';
$popsAccess = $pop3s{'access'} || 'private';
$popListenIP = $pop3{'ListenIP'} || '';
$popsListenIP = $pop3s{'ListenIP'} || '';
if ($popStatus eq 'disabled') {
$popAddress = '127.0.0.1';
$popPort='0';
} elsif ($popAccess eq 'localhost') {
$popAddress = '127.0.0.1';
} elsif ($popAccess eq 'private') {
$popAddress = "127.0.0.1 $LOCALIP";
} elsif ($popAccess eq 'public') {
$popAddress = "127.0.0.1 $LOCALIP $EXTERNALIP";
}
$popAddress .= " $popListenIP";
if ($popsStatus eq 'disabled') {
$popsAddress = '127.0.0.1';
$popsPort='0';
} elsif ($popsAccess eq 'localhost') {
$popsAddress = '127.0.0.1';
} elsif ($popsAccess eq 'private') {
$popsAddress = "127.0.0.1 $LOCALIP";
} elsif ($popsAccess eq 'public') {
$popsAddress = "127.0.0.1 $LOCALIP $EXTERNALIP";
}
$popsAddress .= " $popsListenIP";
$OUT .= "service pop3-login \{
inet_listener pop3 \{
port = $popPort
address = $popAddress
\}
inet_listener pop3s \{
port = $popsPort
ssl = yes
address = $popsAddress
\}
service_count = 0
process_min_avail = 2
\}"
}
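Review bot: Nothing in this fragment consults an `AllowPlainText` property for POP3, and the only `disable_plaintext_auth` line on this page is emitted at top level by the imap-login fragment from `$imap{'status'}` and `$imap{'AllowPlainText'}`. The non-TLS `pop3` listener therefore inherits whatever IMAP is configured to allow, which the author's own "to test" comment in that fragment hints at. If that coupling is intended, a comment here such as `# plaintext auth policy for POP3 follows the imap AllowPlainText setting` would make it visible; otherwise the decision should also take the `pop3` record into account.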


@@ -0,0 +1,19 @@
ssl = {$OUT .= ( (($imaps{'status'} || 'enabled') eq 'enabled') || (($pops{'status'} || 'enabled') eq 'enabled') ) ? 'yes':'no';}
ssl_cert = </etc/dovecot/ssl/imapd.pem
ssl_key = </etc/dovecot/ssl/imapd.pem
{
my $proto = '';
$proto .= ' !SSLv2' unless ($dovecot{'SSLv2'} || 'disabled') eq 'enabled';
$proto .= ' !SSLv3' unless ($dovecot{'SSLv3'} || 'disabled') eq 'enabled';
$proto .= ' !TLSv1' unless ($dovecot{'TLSv1'} || 'disabled') eq 'enabled';
$proto .= ' !TLSv1.1' unless ($dovecot{'TLSv1.1'} || 'disabled') eq 'enabled';
$proto .= ' !TLSv1.2' unless ($dovecot{'TLSv1.2'} || 'enabled') eq 'enabled';
my $dh = $dovecot{'dh'} || '4096';
$OUT .= "ssl_dh_parameters_length = $dh\n";
$OUT .= "ssl_protocols = $proto\n" if ($proto ne '');
$OUT .= "ssl_prefer_server_ciphers = yes\n";
$OUT .= "ssl_cipher_list = " . ($dovecot{CipherSuite} || $modSSL{CipherSuite} || 'ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:HIGH@STRENGTH:!SSLv2:!ADH:!aNULL:!MD5:!RC4') . "\n";
}
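Review bot: The `ssl =` line tests `$pops{'status'}`, but the POP3S record is named `%pop3s` in every other fragment on this page. `%pops` is presumably never populated, so with the `'enabled'` fallback the expression is always true and `ssl = yes` is emitted even when both TLS listeners are disabled. The test should use `$pop3s{'status'}`, and the `'enabled'` fallbacks here differ from the `'disabled'` fallbacks the listener fragments use for the same properties, which is worth aligning or explaining in a comment.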


@@ -0,0 +1,6 @@
{
@plugins = ();
@imap_plugins = ();
@conf = ();
$OUT .= '';
}


@@ -0,0 +1,16 @@
{
push @plugins, 'quota';
push @imap_plugins, 'imap_quota';
$OUT .= '';
my $string =<<'HERE';
plugin {
quota = fs:user
}
HERE
push @conf, $string;
}


@@ -0,0 +1,21 @@
{
if (($dovecot{'LogActions'} || 'disabled') eq 'enabled'){
push @plugins, 'mail_log';
push @plugins, 'notify';
my $string = <<'HERE';
plugin {
mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename mailbox_create flag_change
mail_log_fields = uid box msgid from subject flags
}
HERE
push @conf, $string;
$OUT .= '';
}
else{
$OUT .= "# Actions loging is disabled\n";
}
}


@@ -0,0 +1,20 @@
{
if (($dovecot{'FullTextIndexing'} || 'disabled') eq 'enabled'){
push @plugins, 'fts';
push @plugins, 'fts_squat';
my $string =<<'HERE';
plugin {
fts = squat
fts_squat = partial=4 full=10
}
HERE
push @conf, $string;
$OUT .= '';
}
else{
$OUT .= "# Full text indexing is disabled\n";
}
}


@@ -0,0 +1,7 @@
{
$OUT .= 'mail_plugins = $mail_plugins ' . join(' ', @plugins) ."\n\n";
$OUT .= "protocol imap {\n";
$OUT .= ' mail_plugins = $mail_plugins ' . join(' ', @imap_plugins) . "\n";
$OUT .= "}\n";
$OUT .= "$_\n" foreach (@conf);
}


@@ -0,0 +1,7 @@
{
my $timeout = $dovecot{Idle_Notify} || '2';
$OUT .= "imap_idle_notify_interval = $timeout mins\n";
}


@@ -0,0 +1 @@
admin


@@ -0,0 +1,5 @@
auth required pam_listfile.so item=user sense=allow file=/etc/dovecot/master.users onerr=fail
auth include dovecot
account include system-auth
session include system-auth


@@ -0,0 +1,9 @@
{
$OUT = <<HERE;
#%PAM-1.0
HERE
$OUT .=
Text::Template::_load_text("/etc/e-smith/templates-default/template-begin");
}


@@ -0,0 +1,6 @@
#dovecot
:programname, isequal, "dovecot" /var/log/dovecot/dovecot.log
& stop


@@ -0,0 +1,10 @@
[Service]
#first we reset the ExecStartPre
ExecStartPre=
#our needs
ExecStartPre=-/sbin/e-smith/service-status dovecot
ExecStartPre=-/sbin/e-smith/expand-template /etc/dovecot/dovecot.conf
ExecStartPre=-/sbin/e-smith/expand-template /etc/dovecot/master.users
ExecStartPre=-/sbin/e-smith/expand-template /etc/dovecot/ssl/imapd.pem
ExecStartPre=-/usr/sbin/portrelease dovecot
Restart=always
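Review bot: Every `ExecStartPre=` line carries the `-` prefix, so systemd ignores a non-zero exit from it. A failed `expand-template` therefore lets dovecot start with whatever dovecot.conf, master.users and imapd.pem are already on disk, and if `service-status` is meant to veto the start of a disabled service (not visible here) that veto is ignored as well. Dropping the prefix on the template lines, for example `ExecStartPre=/sbin/e-smith/expand-template /etc/dovecot/dovecot.conf`, makes a broken expansion stop the start instead of passing silently.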


@@ -0,0 +1,2 @@
[Install]
WantedBy=sme-server.target