Default variables

General Dovecot configuration

dovecot_protocols

List of protocols which should be installed and enabled. Supported are: imap, pop3, managesieve, lmtp

dovecot_protocols: [ 'imap' ]
dovecot_auth

List of authentication mechanisms enabled. So far supported are: plain, login

dovecot_auth_mechanisms: [ 'plain', 'login' ]
dovecot_dependencies

Should the Dovecot role manage it's own dependencies?

dovecot_dependencies: True

User database/mailbox configuration

dovecot_user_accounts

User account lookup. So far supported are:

  • deny: Deny access for users
  • system: Mail users are Linux system users
  • sql: Mail users are stored in a SQL database
  • passwdfile: Users password are stored in a file
dovecot_user_accounts: [ 'deny', 'system' ]
dovecot_deny_users

List of users for which mail acess is disabled.

dovecot_deny_users: [ 'root' ]
dovecot_mail_location

Mailbox location. For maildir set something like maildir:~/Maildir. For more information about the supported format, check Dovecot Mail Location

dovecot_mail_location: 'mbox:~/mail:INBOX=/var/mail/%u'
dovecot_sql_driver

The SQL driver defines which SQL is used. This can be either mysql or pgsql.

The database should have a structure like this:

CREATE TABLE `users` (
  `userid` varchar(128) NOT NULL,
  `domain` varchar(128) NOT NULL,
  `password` varchar(128) NOT NULL,
  `home` varchar(255) NOT NULL,
  `uid` int(11) NOT NULL,
  `gid` int(11) NOT NULL,
  `active` char(1) NOT NULL DEFAULT 'Y',
  `maildir` varchar(255) NOT NULL
)
dovecot_sql_driver: 'mysql'
dovecot_sql_host

The hostname of the SQL server.

dovecot_sql_host: ''
dovecot_sql_dbname

The SQL database name.

dovecot_sql_dbname: ''
dovecot_sql_user

The username to access the SQL server.

dovecot_sql_user: ''
dovecot_sql_password

The password to login into the SQL server.

dovecot_sql_password: ''
dovecot_sql_default_pass_scheme

Default passwort scheme for passwords, stored in a SQL database. For more information about the supported schemes, check Authentication / PasswordSchemes

dovecot_sql_default_pass_scheme: 'SSHA512'
dovecot_sql_password_query

SQL query string to get the password. This function should return the values username, domain and password.

dovecot_sql_password_query: "SELECT userid AS username, domain, password FROM users WHERE userid = '%n' AND domain = '%d'"
dovecot_sql_user_query

SQL query string to get the userdb. This function should return the values home, uid and gid.

Optional the mail_location can be defined with the option mail. For more information about the mail_location, check MailLocation

dovecot_sql_user_query: "SELECT home, uid, gid FROM users WHERE userid = '%n' AND domain = '%d'"
dovecot_passwdfile_scheme

Scheme method use by dovecot with password authentication

dovecot_passwdfile_scheme: 'sha512-crypt'
dovecot_passwdfile_path

Path to the dovecot password file

dovecot_passwdfile_path: '/etc/dovecot/private/'
dovecot_passwdfile_name

Name to the dovecot password file

dovecot_passwdfile_name: 'passwd'
dovecot_passwordfile_uid

uid use by Dovecot when it store mail in mailbox

dovecot_passwdfile_uid: 'dovecot-vmail'
dovecot_passwordfile_gid

gid use by Dovecot when it store mail in mailbox

dovecot_passwdfile_gid: 'dovecot-vmail'
dovecot_passwordfile_home

Path to the mailbox

dovecot_passwdfile_home: '{{ (ansible_local.root.home
                             if (ansible_local|d() and ansible_local.root|d() and
                                  ansible_local.root.home|d())
                             else "/var/local") + "/" + dovecot_passwdfile_uid }}'
dovecot_passwordfile_mailbox_path

Path inside the mailbox home directory

dovecot_passwdfile_mailbox_path: '%u'

PKI / TLS configuration

dovecot_pki

Enable or disable support for TLS in Dovecot (using debops.pki)

dovecot_pki: True
dovecot_pki_path

Base PKI directory

dovecot_pki_path: '{% if (ansible_local is defined and ansible_local.pki is defined) %}{{ ansible_local.pki.base_path }}{% else %}/etc/pki{% endif %}'
dovecot_pki_realm

Default PKI realm used by Dovecot

dovecot_pki_realm: '{% if (ansible_local is defined and ansible_local.pki is defined) %}{{ ansible_local.pki.realm }}{% else %}system{% endif %}'
dovecot_pki_crt

Default certificate, relative to dovecot_pki_realm variable

dovecot_pki_crt: 'default.crt'
dovecot_pki_key

Default private key, relative to dovecot_pki_realm variable

dovecot_pki_key: 'default.key'
dovecot_ssl_required

Requires SSL/TLS also for non-plaintext authentication. For more information check ssl_required in Dovecot SSL Configuration

dovecot_ssl_required: True
dovecot_ssl_cipher_list

SSL ciphers to use

dovecot_ssl_cipher_list: 'TLSv1+HIGH:!SSLv2:!EXPORT:!RC4:!aNULL:!eNULL:!3DES:@STRENGTH'

Dovecot custom configuration

dovecot_imap_listeners

List of IMAP inet_listeners which will be enabled. See dovecot_imap_listeners for more details.

dovecot_imap_listeners: [ 'imap', 'imaps' ]
dovecot_imap_config_map

Custom IMAP configuration properties. See dovecot_imap_config_map for more details.

dovecot_imap_config_map: {}
dovecot_pop3_listeners

List of POP3 inet_listeners which will be enabled. See dovecot_pop3_listeners for more details.

dovecot_pop3_listeners: [ 'pop3', 'pop3s' ]
dovecot_pop3_config_map

Custom POP3 configuration properties. See dovecot_pop3_config_map for more details.

dovecot_pop3_config_map: {}
dovecot_managesieve_listeners

List of ManageSieve inet_listeners which will be enabled. See dovecot_managesieve_listeners for more details.

dovecot_managesieve_listeners: [ 'sieve' ]
dovecot_managesieve_config_map

Custom ManageSieve configuration properties. See dovecot_managesieve_config_map for more details.

dovecot_managesieve_config_map: {}
dovecot_lda_config_map

Custom LDA configuration properties. See dovecot_lda_config_map for more details.

dovecot_lda_config_map: {}
dovecot_lmtp_listeners

List of LMTP inet_listeners or unix_listeners which will be enabled. See dovecot_lmtp_listeners for more details.

dovecot_lmtp_listeners: [ '/var/spool/postfix/private/dovecot-lmtp' ]
dovecot_lmtp_config_map

Custom LMTP configuration properties. See dovecot_lmtp_config_map for more details.

dovecot_lmtp_config_map:
  service:
    unix_listener:
      /var/spool/postfix/private/dovecot-lmtp:
        user: 'postfix'
        group: 'postfix'
        mode: 0600
dovecot_postfix_transport

Postfix mail transport target if LMTP is enabled. For more details see dovecot_postfix_transport.

dovecot_postfix_transport: 'lmtp:unix:private/dovecot-lmtp'
dovecot_custom_localconf

Dovecot custom configuration added at the end of /etc/dovecot/local.conf in a text block format

dovecot_custom_localconf: False
dovecot_firewall

Choose to use firewall with debops.ferm to drive iptables or not.

dovecot_firewall: True