3-Implement-IMAP/POP #4

Merged
giacchetta merged 11 commits from 3-Implement-IMAP/POP into main 2026-02-11 22:40:10 +00:00
Owner
No description provided.
giacchetta added 11 commits 2026-02-11 22:39:13 +00:00
Introduces functionality to install and configure Dovecot alongside Postfix to provide IMAP/POP3 services.

Changes include:
- Added tasks to install Dovecot packages (core, imapd, pop3d, lmtpd).
- Added templates for main configuration and conf.d files (auth, master, ssl, mail).
- Defined default variables for protocols, SSL settings, and Maildir location.
- Enabled Postfix SASL and LMTP integration options.
- Added a handler to restart the Dovecot service.
- Updated README.md with the new configuration variables and usage instructions.

Update the `unix_listener auth-userdb` configuration in `templates/10-master.conf.j2`. This change switches the socket ownership from `vmail` to the `postfix` user and explicitly sets the group to `postfix`.

This ensures that the Postfix service has the necessary permissions to access the Dovecot authentication socket for user lookups.

This introduces functionality to manage local Dovecot users utilizing a
static `vmail` system user and a flat password file.

Key changes:
- Added `dovecot_users` configuration list to defaults.
- Implemented creation of `vmail` user and group (uid/gid 5000).
- Added logic to generate a random security token using `pwgen` to prefix
  user passwords.
- Created `auth-dovecot-users.conf.ext` and `dovecot-users.j2` templates
  to handle `passwd-file` authentication.
- Updated `10-auth.conf` to include the new local users configuration.
- Updated README with usage instructions and token details.

- Create AGENTS.md to define contribution rules, specifically mandating the use of ansible.builtin namespace and ensuring documentation updates.
- Update the README.md header from "Postfix" to "Mail" to align with the repository name.

- Add `openssl` to the list of installed packages to ensure CLI availability.
- Introduce a new task to generate user password hashes using `openssl passwd -6` on the target host instead of relying on the Jinja2 `password_hash` filter.
- Update `dovecot-users.j2` template to utilize the registered output from the new OpenSSL task.
- This ensures consistent SHA512-CRYPT hash generation independent of the controller's Python environment or hashing libraries.

Update the Dovecot authentication template to use `%n` (user part only)
instead of `%u` (full username) in both the `passdb` username format and
the `userdb` home directory path.

This ensures that user lookups and home directory generation rely specifically
on the username portion, excluding the domain part.

Added a new task to ensure the `/var/vmail` directory exists with specific ownership and permissions.
- Sets owner and group to `vmail`
- Enforces mode `0700` for security
- Applied only when dovecot is enabled

Update templates/10-mail.conf.j2 to explicitly define standard mailboxes (Drafts, Junk, Trash, Sent) within the inbox namespace.

This change ensures that:
- These folders are automatically subscribed (`auto = subscribe`).
- They are correctly flagged with `special_use` attributes, improving compatibility with IMAP clients.
- "Sent Messages" is also recognized as a Sent folder for broader client support.

Updates the Postfix configuration to correctly handle virtual domains when Dovecot LMTP is enabled, moving away from local system delivery settings.

- Removes `postfix_mail_domain` from `postfix_mydestination` to prevent conflicts with virtual domain handling.
- Updates `main.cf` to set `virtual_transport`, `virtual_mailbox_domains`, and `virtual_mailbox_maps` instead of `mailbox_transport`.
- Adds a new template `virtual_mailbox_maps.j2` to authorize specific users defined in `dovecot_users`.
- Adds tasks to generate the virtual mailbox map file and run `postmap` upon changes.

This introduces the `dovecot_imap_capability` variable to allow customization of advertised IMAP capabilities.

- Add `dovecot_imap_capability` to `defaults/main.yml` (defaulting to empty).
- Update `templates/dovecot.conf.j2` to conditionally include the `protocol imap` block if the capability string is provided.
- This enables operators to add or remove specific IMAP extensions (e.g., disabling `LITERAL+` or `NOTIFY`) for client compatibility.

Refactor the documentation to accurately describe the role as a complete internal mail server stack including Postfix and Dovecot.

Changes include:
- Expanded the description to explicitly list components and internal use cases.
- Added a section clarifying excluded features (antispam/antivirus).
- Reorganized role variables into General and Postfix configuration tables.
- Cleaned up Markdown formatting and removed excessive bold styling.
giacchetta merged commit c853c75f04 into main 2026-02-11 22:40:10 +00:00
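
An added example, not code from this repository: a small audit of what the `%n` lookup and the SHA512-CRYPT hashing described in the commits above imply for a `passwd-file` and for the addresses in `virtual_mailbox_maps`. The file layout, the sample entries and addresses, the `/var/vmail/%n` home path used in testing, and the function names are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed placeholder, shaped like `openssl passwd -6` output; not a real hash.
FAKE_HASH = "$6$" + "s" * 16 + "$" + "h" * 86
# Constructed passwd-file content; the role's real template layout is not shown on the page.
PASSWD_FILE = "\n".join([
    "alice:{SHA512-CRYPT}" + FAKE_HASH,
    "bob@example.org:{SHA512-CRYPT}" + FAKE_HASH,
    "carol:{PLAIN}hunter2",
])
# Constructed addresses, as they might appear in virtual_mailbox_maps.
ADDRESSES = ["alice@example.org", "alice@example.net", "bob@example.org"]

SHA512_CRYPT = re.compile(
    r"^(\{SHA512-CRYPT\})?\$6\$(rounds=\d+\$)?[./0-9A-Za-z]{1,16}\$[./0-9A-Za-z]{86}$")

def expand(fmt, login):
    """Expand Dovecot's %u (full name), %n (user part) and %d (domain part)."""
    local, _, domain = login.partition("@")
    values = {"u": login, "n": local, "d": domain}
    return re.sub(r"%([und])", lambda m: values[m.group(1)], fmt)

def audit_passwd_file(text):
    """Return (line, key, problem) for entries that %n lookups or hashing would break."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue
        key, _, rest = line.partition(":")
        password = rest.split(":", 1)[0]
        if "@" in key:
            findings.append((lineno, key, "key has a domain part; a %n lookup never matches it"))
        if not SHA512_CRYPT.match(password):
            findings.append((lineno, key, "password field is not a SHA512-CRYPT hash"))
    return findings

def collisions(addresses, fmt="%n"):
    """Group addresses that expand to the same passdb key or home directory."""
    groups = defaultdict(set)
    for address in addresses:
        groups[expand(fmt, address)].add(address)
    return {key: sorted(group) for key, group in groups.items() if len(group) > 1}

if __name__ == "__main__":
    for finding in audit_passwd_file(PASSWD_FILE):
        print(finding)
    print(collisions(ADDRESSES))
```

With `%n`, two addresses that share a local part in different domains resolve to one account and one home directory, so the collision check matters as soon as more than one virtual domain is served.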

Reference: engineering/ansible_role_mail#4