2022-03-08 19:42:28 +01:00
|
|
|
<?xml version='1.0' encoding='UTF-8'?>
|
|
|
|
<rougail version="0.10">
|
|
|
|
<services>
|
|
|
|
<service name="postfix" target="multi-user">
|
|
|
|
<override/>
|
|
|
|
<file engine="none" source="sysuser-postfix.conf">/sysusers.d/1postfix.conf</file>
|
|
|
|
<file engine="none" source="tmpfile-postfix.conf">/tmpfiles.d/0postfix.conf</file>
|
|
|
|
<file>/etc/postfix/main.cf</file>
|
|
|
|
<file>/etc/postfix/master.cf</file>
|
|
|
|
<file>/etc/postfix/ldapsource.cf</file>
|
|
|
|
<file>/etc/postfix/relay_passwd</file>
|
|
|
|
<file>/etc/pki/ca-trust/source/anchors/ca_MailServer.crt</file>
|
|
|
|
<file>/etc/pki/tls/certs/postfix.crt</file>
|
|
|
|
<file owner="root" group="postfix" mode="440">/etc/pki/tls/private/postfix.key</file>
|
|
|
|
</service>
|
|
|
|
<service name='dovecot-init'>
|
|
|
|
<override/>
|
|
|
|
</service>
|
|
|
|
<service name="dovecot" target="multi-user">
|
2022-03-15 12:01:51 +01:00
|
|
|
<file file_type="variable" source="ca_InternalReverseProxy.crt">revprox_ca_file</file>
|
2022-03-08 19:42:28 +01:00
|
|
|
<file engine="none" source="sysuser-dovecot.conf">/sysusers.d/1dovecot.conf</file>
|
|
|
|
<file engine="none" source="tmpfile-dovecot.conf">/tmpfiles.d/0dovecot.conf</file>
|
|
|
|
<file engine='none'>/etc/dovecot/conf.d/10-logging.conf</file>
|
|
|
|
<file engine='none'>/etc/dovecot/conf.d/10-auth.conf</file>
|
|
|
|
<file engine='none'>/etc/dovecot/conf.d/10-mail.conf</file>
|
|
|
|
<file>/etc/dovecot/conf.d/10-master.conf</file>
|
|
|
|
<file engine='none'>/etc/dovecot/conf.d/10-ssl.conf</file>
|
|
|
|
<!-- FIXME file engine='none'>/etc/dovecot/conf.d/12-managesieve.conf</file-->
|
|
|
|
<file engine='none'>/etc/dovecot/conf.d/15-ldap.conf</file>
|
|
|
|
<file engine='none'>/etc/dovecot/conf.d/30-service-stats.conf</file>
|
|
|
|
<file engine='none'>/etc/dovecot/conf.d/00-risotto.conf</file>
|
|
|
|
<!--plain authentification-->
|
|
|
|
<file>/etc/dovecot/conf.d/auth-ldap.conf.ext</file>
|
|
|
|
<file>/etc/dovecot/dovecot-ldap.conf.ext</file>
|
|
|
|
<!--oauth2 authentification-->
|
|
|
|
<file>/etc/dovecot/conf.d/auth-oauth2.conf.ext</file>
|
|
|
|
<file>/etc/dovecot/dovecot-oauth2.conf.ext</file>
|
|
|
|
<!--internal authentification-->
|
|
|
|
<file>/etc/dovecot/conf.d/auth-passwdfile.conf.ext</file>
|
|
|
|
<file>/etc/dovecot/risotto_users</file>
|
|
|
|
<file>/etc/pki/ca-trust/source/anchors/ca_IMAPServer.crt</file>
|
|
|
|
<file>/etc/pki/tls/certs/dovecot.crt</file>
|
|
|
|
<file owner="root" group="dovecot" mode="440">/etc/pki/tls/private/dovecot.key</file>
|
|
|
|
</service>
|
|
|
|
</services>
|
|
|
|
<variables>
|
|
|
|
<family name="annuaire">
|
|
|
|
<variable name="ldap_key_file_owner" redefine="True">
|
|
|
|
<value>dovecot</value>
|
|
|
|
</variable>
|
|
|
|
<variable name="ldap_key_file_group" redefine="True">
|
|
|
|
<value>postfix</value>
|
|
|
|
</variable>
|
|
|
|
</family>
|
|
|
|
<family name="postfix" description="Postfix mail server">
|
|
|
|
<variable name="postfix_my_domains" type="domainname" description="Domaine de courriel généré localement" mandatory="True" multi="True"/>
|
|
|
|
<variable name='postfix_ca_chain' description="CA certificate" hidden='True'/>
|
|
|
|
</family>
|
|
|
|
<family name="dovecot" description="IMAP mail server">
|
|
|
|
<variable name='dovecot_ca_chain' description="CA certificate" hidden='True'/>
|
|
|
|
<variable name='dovecot_local_authentifications' description="CA certificate" hidden='True' multi="True" provider="mail"/>
|
|
|
|
<family name="local_authentification_" description="Local server authentification" dynamic='dovecot_local_authentifications'>
|
|
|
|
<variable name="local_authentification_ip_" type="ip" provider="mail_ip"/>
|
|
|
|
<variable name="local_authentification_password_" type="secret" auto_save="True" provider="mail_password"/>
|
|
|
|
</family>
|
|
|
|
<variable name="revprox_ca_file" type="filename" description="Reverse proxy CA filename" hidden="True"/>
|
|
|
|
<variable name="revprox_server_domainname" type="domainname" description="Reverse proxy domain name for CA" mandatory="True"/>
|
|
|
|
</family>
|
|
|
|
</variables>
|
|
|
|
<constraints>
|
|
|
|
<fill name="get_chain">
|
|
|
|
<param name="authority_cn" type="variable">domain_name_eth0</param>
|
|
|
|
<param name="authority_name">MailServer</param>
|
|
|
|
<target>postfix_ca_chain</target>
|
|
|
|
</fill>
|
|
|
|
<fill name="get_chain">
|
|
|
|
<param name="authority_cn" type="variable">domain_name_eth0</param>
|
|
|
|
<param name="authority_name">IMAPServer</param>
|
|
|
|
<target>dovecot_ca_chain</target>
|
|
|
|
</fill>
|
|
|
|
<fill name="get_password">
|
|
|
|
<param name="server_name" type="variable">domain_name_eth0</param>
|
|
|
|
<param name="username" type="suffix"/>
|
|
|
|
<param name="description">local authentification</param>
|
|
|
|
<param name="type">cleartext</param>
|
|
|
|
<target>local_authentification_password_</target>
|
|
|
|
</fill>
|
|
|
|
<check name="set_linked_configuration">
|
|
|
|
<param name="linked_server" type="variable">smtp_relay_address</param>
|
|
|
|
<param name="linked_provider">lmtp_server</param>
|
|
|
|
<param name="linked_value" type="variable">domain_name_eth0</param>
|
|
|
|
<target>postfix_my_domains</target>
|
|
|
|
</check>
|
|
|
|
<check name="set_linked_configuration">
|
|
|
|
<param name="linked_server" type="variable">smtp_relay_address</param>
|
|
|
|
<param name="linked_provider">lmtp_criteria</param>
|
|
|
|
<param name="dynamic" type="variable">domain_name_eth0</param>
|
|
|
|
<target>postfix_my_domains</target>
|
|
|
|
</check>
|
|
|
|
<fill name="calc_value">
|
|
|
|
<param type="variable">tls_ca_directory</param>
|
2022-03-15 12:01:51 +01:00
|
|
|
<param>ca_InternalReverseProxy.crt</param>
|
2022-03-08 19:42:28 +01:00
|
|
|
<param name="join">/</param>
|
|
|
|
<target>revprox_ca_file</target>
|
|
|
|
</fill>
|
|
|
|
</constraints>
|
|
|
|
</rougail>
|