dataset/seed/dovecot/README.md

---
gitea: none
include_toc: true
---


[Return to the list of application services.](../README.md)
# dovecot

## Synopsis


[Postfix and Dovecot as mail servers (IMAP and submission).](https://www.dovecot.org/)

This application service provides email server. Two servers are used: Dovecot as IMAP server and Postfix as submission server. In addition, an auto-detection file of the email configuration is set up.

## Example

Zone names are provided as examples. Think about adapting with the value of provider_zone in configuration file.

```
dovecot:
  applicationservice: dovecot
  provider_zone: imap
  zones_name:
    - ldap
    - localdns
    - oauth2
    - reverseproxy
    - smtp
  values:
    general.mail.domain.mail_domains:
      - example.net
    general.mail.domain.imap_domainname:
      '0': imap.example.net
    general.mail.domain.submission_domainname:
      '0': submission.example.net
```

## Basic variables

### General

#### Mail configuration

Configure IMAP servers and submission to access email accounts and send emails.

##### Mail domain

This family is a leadership.

| Parameter                                                                                                                                                                                                                              | Comments                                                                                                                                                                                                                                                            |
|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| **[general.mail.domain.mail_domains](dictionaries/31_dovecot.xml)**<br/>mandatory, multiple<br/>**Type:** [`domainname`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Final destination email address.<br/>These domain names are the domain names for emails (user@*example.net*) and for auto configuration of email clients (https://*example.net*/.well-known/autoconfig/mail/config-v1.1.xml).<br/>**Example:** example.net          |
| **[general.mail.domain.imap_domainname](dictionaries/31_dovecot.xml)**<br/>mandatory<br/>**Type:** [`domainname`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable)        | External IMAP server address.<br/>Matches TLS connection’s SNI name, if it’s sent by the client. For some email clients, use in DNS configuration a line like "_submissions._tcp IN SRV 1 587 *imap.example.net*.".<br/>**Example:** imap.example.net               |
| **[general.mail.domain.submission_domainname](dictionaries/31_dovecot.xml)**<br/>mandatory<br/>**Type:** [`domainname`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable)  | External submission server address.<br/>Matches TLS connection’s SNI name, if it’s sent by the client. For some email clients, add in DNS configuration a line like "_imaps._tcp IN SRV 0 1 993 *submission.example.net*.".<br/>**Example:** submission.example.net |

| Parameter                                                                                                                                                                                                              | Comments                                                                                                                                                                                                                                                                                                                   |
|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| **[general.mail.mail_crt_provider](dictionaries/31_dovecot.xml)**<br/>mandatory<br/>**Type:** [`choice`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Type of certificate autority signing external IMAP and submission domain certificates.<br/>The certificate can be self-signed (therefore invalid by default for the client) or obtained via the Let's Encrypt service (generally valid for the client).<br/>**Choices:**<br/>- `self-signed` ← default<br/>- `letsencrypt` |

## Variables

### General

#### OpenLDAP directory

##### Client

| Parameter                                                                                                                                                                                                                        | Comment                                                                                            |
|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------|
| **[general.ldap.client.ldapclient_family](dictionaries/31_dovecot.xml)**<br/>mandatory<br/>**Type:** [`unix_user`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Restrict service configuration for a LDAP family.<br/>"all" for all families.<br/>**Default:** all |




## Requirements services

### Mandatories

- [LocalDNS](../README.LocalDNS.md): DNS forwarder for local domain name.
- [SMTP](../README.SMTP.md): Create a SMTP relay account and authorize sending email.
- [LDAP](../README.LDAP.md): Create account and connexion to a LDAP server.
- [ReverseProxy](../README.ReverseProxy.md): Register to service to a reverse proxy server.
- [OAuth2](../README.OAuth2.md): Remote clients needing to verify OAuth2 account.

### Optionals

- [Journald](../README.Journald.md): Concentrate journal messages on one host.

## Dependances

- [base-fedora-36](../base-fedora-36/README.md): Base information of a Fedora 36.
  - [base-fedora](../base-fedora/README.md): Base information of a Fedora.
    - [systemd](../systemd/README.md): Systemd, a system and service manager.
      - [base-machine](../base-machine/README.md): Base information for a machine.
        - [base](../base/README.md): Base of all application services.
        - [dns-local](../dns-local/README.md): DNS client with access to local zones.
        - [pki-tls](../pki-tls/README.md): Autosign PKI or Let's encrypt support for TLS certificates.
      - [journald](../journald/README.md): Journald.
      - [resolved](../resolved/README.md): Resolved.
- [relay-lmtp-client](../relay-lmtp-client/README.md): Application service needs interact with a Postfix server with LMTP protocol.
  - [relay-mail-client](../relay-mail-client/README.md): Client SMTP.
- [ldap-client](../ldap-client/README.md): Application service needs interact with a LDAP server.
- [oauth2-client](../oauth2-client/README.md): Application service needs interact with a Oauth2 server.
- [nginx-https](../nginx-https/README.md): Nginx as HTTPS web site.
  - [nginx-common](../nginx-common/README.md): Nginx common configuration.
  - [reverse-proxy-client](../reverse-proxy-client/README.md): Application service needs interact with a a reverse proxy server.

## Useful for service

[roundcube](../roundcube/README.md): Roundcube, a webmail.