Getting started

Example inventory

To enable the dovecot service on a host, you need to add it to the [debops_service_dovecot] Ansible inventory group:

[debops_service_dovecot]
hostname

Default setup

If you don't specify any configuration values, the role will setup dovecot with IMAP, IMAPS, LMTP, Sieve and Quota support.

In addition, LDAP will automatically be enabled if the host is already configured to use debops.ldap, otherwise dovecot will be configured to allow every user which is able to login via PAM to also login via IMAP and access their emails.

Other resources

List of other useful resources related to the debops.dovecot Ansible role:

• Manual pages: for example, dovecot(1), doveconf(1) and doveadm(1)

• The website of the Dovecot Project, in particular the configuration documentation

Example playbook

If you are using the role without DebOps, here's an example Ansible playbook that uses the debops.dovecot role:

---

- name: Manage Dovecot service
  collections: [ 'debops.debops', 'debops.roles01',
                 'debops.roles02', 'debops.roles03' ]
  hosts: [ 'debops_service_dovecot' ]
  become: True

  environment: '{{ inventory__environment | d({})
                   | combine(inventory__group_environment | d({}))
                   | combine(inventory__host_environment  | d({})) }}'

  pre_tasks:

    - name: Prepare dovecot environment
      import_role:
        name: 'dovecot'
        tasks_from: 'main_env'
      tags: [ 'role::dovecot', 'role::secret', 'role::ferm' ]

    - name: Prepare postfix environment
      import_role:
        name: 'postfix'
        tasks_from: 'main_env'
      vars:
        postfix__dependent_maincf:
          - role: 'dovecot'
            config: '{{ dovecot__postfix__dependent_maincf }}'
        postfix__dependent_mastercf:
          - role: 'dovecot'
            config: '{{ dovecot__postfix__dependent_mastercf }}'
      tags: [ 'role::postfix', 'role::secret', 'role::ferm' ]

  roles:

    - role: secret
      tags: [ 'role::secret', 'role::postfix' ]
      secret__directories:
        - '{{ postfix__secret__directories }}'

    - role: etc_services
      tags: [ 'role::etc_services', 'skip::etc_services' ]
      etc_services__dependent_list:
        - '{{ dovecot__etc_services__dependent_list }}'

    - role: ferm
      tags: [ 'role::ferm', 'skip::ferm' ]
      ferm__dependent_rules:
        - '{{ dovecot__ferm__dependent_rules }}'

    - role: postfix
      tags: [ 'role::postfix', 'skip::postfix' ]
      postfix__dependent_maincf:
        - role: 'dovecot'
          config: '{{ dovecot__postfix__dependent_maincf }}'
      postfix__dependent_mastercf:
        - role: 'dovecot'
          config: '{{ dovecot__postfix__dependent_mastercf }}'

    - role: python
      tags: [ 'role::python', 'skip::python', 'role::ldap' ]
      python__dependent_packages3:
        - '{{ ldap__python__dependent_packages3 }}'
      python__dependent_packages2:
        - '{{ ldap__python__dependent_packages2 }}'

    - role: ldap
      tags: [ 'role::ldap', 'skip::ldap' ]
      ldap__dependent_tasks:
        - '{{ dovecot__ldap__dependent_tasks }}'

    - role: dovecot
      tags: [ 'role::dovecot', 'skip::dovecot' ]

Ansible tags

You can use Ansible --tags or --skip-tags parameters to limit what tasks are performed during Ansible runs. This can be used after a host is first configured to speed up playbook execution when you are sure that most of the configuration has not been changed.

Available role tags:

role::dovecot

Main role tag, should be used in the playbook to execute all of the role tasks as well as role dependencies.

role::dovecot:conf

Main configuration tag, should be used in the playbook to execute all of the role tasks relates to configuration creation.

role::covecot:conf:sql

SQL specific configuration subtag.

role::dovecot:conf:ldap

LDAP specific configuration subtag.

role::dovecot:user

Limited to dovecot user configuration tasks.

role::dovecot:group

Limited to dovecot group configuration tasks.