Initial commit

templates/dovecot.conf.j2

@@ -0,0 +1,38 @@
+{% if dovecot_proxy.debug_log_enabled %}
+auth_verbose = yes
+auth_debug = yes
+auth_debug_passwords = yes
+mail_debug = yes
+debug_log_path = /var/log/dovecot.debug.log
+{% endif %}
+
+auth_mechanisms = {{ dovecot_proxy.auth_mechanisms }}
+
+protocols = {% if dovecot_proxy.imaps_enabled %}imap {% endif %}{% if dovecot_proxy.submission_enabled %}submission{% endif %}
+
+{% if dovecot_proxy.submissions_enabled %}
+service submission-login {
+  inet_listener submissions {
+    port = 465
+    ssl = yes
+  }
+}
+{% endif %}
+
+ssl = required
+ssl_ca = </etc/ssl/certs/ca-certificates.crt
+ssl_require_crl = no
+ssl_cert = <{{ dovecot_proxy.ssl_cert }}
+ssl_key = <{{ dovecot_proxy.ssl_key }}
+ssl_dh = </etc/ssl/dh-4096.pem
+
+ssl_min_protocol = TLSv1.2
+ssl_cipher_list = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
+ssl_prefer_server_ciphers = yes
+
+{% for domain in dovecot_proxy.domain_proxies %}
+passdb {
+  driver = sql
+  args = /etc/dovecot/proxy-domain-{{ domain }}-sql.conf
+}
+{% endfor%}