You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

150 lines
6.1KB

  1. {{ansible_managed|comment}}
  2. # This file is commonly accessed via passdb {} or userdb {} section in
  3. # conf.d/auth-sql.conf.ext
  4. # This file is opened as root, so it should be owned by root and mode 0600.
  5. #
  6. # http://wiki2.dovecot.org/AuthDatabase/SQL
  7. #
  8. # For the sql passdb module, you'll need a database with a table that
  9. # contains fields for at least the username and password. If you want to
  10. # use the user@domain syntax, you might want to have a separate domain
  11. # field as well.
  12. #
  13. # If your users all have the same uig/gid, and have predictable home
  14. # directories, you can use the static userdb module to generate the home
  15. # dir based on the username and domain. In this case, you won't need fields
  16. # for home, uid, or gid in the database.
  17. #
  18. # If you prefer to use the sql userdb module, you'll want to add fields
  19. # for home, uid, and gid. Here is an example table:
  20. #
  21. # CREATE TABLE users (
  22. # username VARCHAR(128) NOT NULL,
  23. # domain VARCHAR(128) NOT NULL,
  24. # password VARCHAR(64) NOT NULL,
  25. # home VARCHAR(255) NOT NULL,
  26. # uid INTEGER NOT NULL,
  27. # gid INTEGER NOT NULL,
  28. # active CHAR(1) DEFAULT 'Y' NOT NULL
  29. # );
  30. # Database driver: mysql, pgsql, sqlite
  31. driver = mysql
  32. # Database connection string. This is driver-specific setting.
  33. #
  34. # HA / round-robin load-balancing is supported by giving multiple host
  35. # settings, like: host=sql1.host.org host=sql2.host.org
  36. #
  37. # pgsql:
  38. # For available options, see the PostgreSQL documention for the
  39. # PQconnectdb function of libpq.
  40. # Use maxconns=n (default 5) to change how many connections Dovecot can
  41. # create to pgsql.
  42. #
  43. # mysql:
  44. # Basic options emulate PostgreSQL option names:
  45. # host, port, user, password, dbname
  46. #
  47. # But also adds some new settings:
  48. # client_flags - See MySQL manual
  49. # ssl_ca, ssl_ca_path - Set either one or both to enable SSL
  50. # ssl_cert, ssl_key - For sending client-side certificates to server
  51. # ssl_cipher - Set minimum allowed cipher security (default: HIGH)
  52. # ssl_verify_server_cert - Verify that the name in the server SSL certificate
  53. # matches the host (default: no)
  54. # option_file - Read options from the given file instead of
  55. # the default my.cnf location
  56. # option_group - Read options from the given group (default: client)
  57. #
  58. # You can connect to UNIX sockets by using host: host=/var/run/mysql.sock
  59. # Note that currently you can't use spaces in parameters.
  60. #
  61. # sqlite:
  62. # The path to the database file.
  63. #
  64. # Examples:
  65. # connect = host=192.168.1.1 dbname=users
  66. # connect = host=sql.example.com dbname=virtual user=virtual password=blarg
  67. # connect = /etc/dovecot/authdb.sqlite
  68. #
  69. connect = host={{dovecot_postfixadmin_mysql_host}} dbname={{dovecot_postfixadmin_mysql_database}} user={{dovecot_postfixadmin_mysql_username}} password={{dovecot_postfixadmin_mysql_password}}
  70. # Default password scheme.
  71. #
  72. # List of supported schemes is in
  73. # http://wiki2.dovecot.org/Authentication/PasswordSchemes
  74. #
  75. default_pass_scheme = MD5-CRYPT
  76. # passdb query to retrieve the password. It can return fields:
  77. # password - The user's password. This field must be returned.
  78. # user - user@domain from the database. Needed with case-insensitive lookups.
  79. # username and domain - An alternative way to represent the "user" field.
  80. #
  81. # The "user" field is often necessary with case-insensitive lookups to avoid
  82. # e.g. "name" and "nAme" logins creating two different mail directories. If
  83. # your user and domain names are in separate fields, you can return "username"
  84. # and "domain" fields instead of "user".
  85. #
  86. # The query can also return other fields which have a special meaning, see
  87. # http://wiki2.dovecot.org/PasswordDatabase/ExtraFields
  88. #
  89. # Commonly used available substitutions (see http://wiki2.dovecot.org/Variables
  90. # for full list):
  91. # %u = entire user@domain
  92. # %n = user part of user@domain
  93. # %d = domain part of user@domain
  94. #
  95. # Note that these can be used only as input to SQL query. If the query outputs
  96. # any of these substitutions, they're not touched. Otherwise it would be
  97. # difficult to have eg. usernames containing '%' characters.
  98. #
  99. # Example:
  100. # password_query = SELECT userid AS user, pw AS password \
  101. # FROM users WHERE userid = '%u' AND active = 'Y'
  102. #
  103. #password_query = \
  104. # SELECT username, domain, password \
  105. # FROM users WHERE username = '%n' AND domain = '%d'
  106. password_query = SELECT username AS user,password FROM mailbox WHERE username = '%u' AND active='1'
  107. # userdb query to retrieve the user information. It can return fields:
  108. # uid - System UID (overrides mail_uid setting)
  109. # gid - System GID (overrides mail_gid setting)
  110. # home - Home directory
  111. # mail - Mail location (overrides mail_location setting)
  112. #
  113. # None of these are strictly required. If you use a single UID and GID, and
  114. # home or mail directory fits to a template string, you could use userdb static
  115. # instead. For a list of all fields that can be returned, see
  116. # http://wiki2.dovecot.org/UserDatabase/ExtraFields
  117. #
  118. # Examples:
  119. # user_query = SELECT home, uid, gid FROM users WHERE userid = '%u'
  120. # user_query = SELECT dir AS home, user AS uid, group AS gid FROM users where userid = '%u'
  121. # user_query = SELECT home, 501 AS uid, 501 AS gid FROM users WHERE userid = '%u'
  122. #
  123. #user_query = \
  124. # SELECT home, uid, gid \
  125. # FROM users WHERE username = '%n' AND domain = '%d'
  126. #
  127. # postfixadmin: Query to retrieve user information, note uid matches dovecot.conf AND Postfix virtual_uid_maps parameter.
  128. user_query = SELECT CONCAT('/home/vmail/', maildir) AS home, \
  129. {{vmail_uid}} AS uid, {{vmail_gid}} AS gid \
  130. FROM mailbox WHERE username = '%u' AND active='1'
  131. # If you wish to avoid two SQL lookups (passdb + userdb), you can use
  132. # userdb prefetch instead of userdb sql in dovecot.conf. In that case you'll
  133. # also have to return userdb fields in password_query prefixed with "userdb_"
  134. # string. For example:
  135. #password_query = \
  136. # SELECT userid AS user, password, \
  137. # home AS userdb_home, uid AS userdb_uid, gid AS userdb_gid \
  138. # FROM users WHERE userid = '%u'
  139. # Query to get a list of all usernames.
  140. #iterate_query = SELECT username AS user FROM users