ka
/
ansible-role-dovecot
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Browse Source

make certificates configurable

master
Markus Katharina Brechtel 4 years ago
parent
6d258caab7
commit
30c8a65a17
2 changed files with 4 additions and 2 deletions
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +2
    -0
      defaults/main.yaml
  2. +2
    -2
      templates/conf.d/10-ssl.conf.j2

+ 2
- 0
defaults/main.yaml View File

@@ -7,3 +7,5 @@ dovecot_lmtp_inet_listener: false
dovecot_unix_listeners_for_postfix: true dovecot_unix_listeners_for_postfix: true
dovecot_auth_inet_listener: false dovecot_auth_inet_listener: false
dovecot_auth: sql dovecot_auth: sql
dovecot_certificate_fullchain_file: /etc/ssl/certs/ssl-cert-snakeoil.pem
dovecot_certificate_private_key_file: /etc/ssl/private/ssl-cert-snakeoil.key

+ 2
- 2
templates/conf.d/10-ssl.conf.j2 View File

@@ -11,8 +11,8 @@ ssl = yes
# dropping root privileges, so keep the key file unreadable by anyone but # dropping root privileges, so keep the key file unreadable by anyone but
# root. Included doc/mkcert.sh can be used to easily generate self-signed # root. Included doc/mkcert.sh can be used to easily generate self-signed
# certificate, just make sure to update the domains in dovecot-openssl.cnf # certificate, just make sure to update the domains in dovecot-openssl.cnf
ssl_cert = </etc/ssl/certs/ssl-cert-snakeoil.pem
ssl_key = </etc/ssl/private/ssl-cert-snakeoil.key
ssl_cert = <{{dovecot_certificate_fullchain_file}}
ssl_key = <{{dovecot_certificate_private_key_file}}


# If key file is password protected, give the password here. Alternatively # If key file is password protected, give the password here. Alternatively
# give it when starting dovecot with -p parameter. Since this file is often # give it when starting dovecot with -p parameter. Since this file is often


Write Preview
Loading…
Cancel
Save