markt-de / puppet-dovecot Goto Github PK

picked your module instead of um/dovecot because i really like the hiera syntax and the flexible way i can configure all conf files in conf.d but then i haven't found a direct way to manage all the ext files like /etc/dovecot/dovecot-sql.conf.ext or /etc/dovecot/conf.d/auth-sql.conf.ext

normally dovecot uses the args setting with a file path for the settings:

/etc/dovecot/conf.d/auth-sql.conf.ext:

...
passdb {
  driver = sql

  # Path for SQL configuration file, see example-config/dovecot-sql.conf.ext
  args = /etc/dovecot/dovecot-sql.conf.ext
}
...

/etc/dovecot/dovecot-sql.conf.ext:

driver = mysql
connect = host=127.0.0.1 dbname=mailserver user=mailuser password=ChangeMe  <- use your database access password instead
default_pass_scheme = SHA256-CRYPT
password_query = SELECT email as user, password FROM virtual_users WHERE email='%u';

is it possible to set this with your module?

This repo's "about box" still links to this module in the oxc namespace on the Forge.

The current stdlib requirement of < 6.0.0 is outdated due to the latest stdlib releases which are > 6.0.0. The requirement of stdlib should be bumped to < 7.0.0 to avoid issues during installing / upgrading the module itself.

Create semver CHANGELOG that lists the changes from 0.1.0 to 1.0.0

http://keepachangelog.com/en/1.0.0/

Is there a way adding hashes into an extconfig? Most of my extconfigs follow the rules of the module and it works great so far. But I have one extconfig, for acls that are saved in the database, that would require a hash.

The final extconfig should look like this:

connect = host=127.0.0.1 dbname=mail user=username password=password
map {
  pattern = shared/shared-boxes/user/$to/$from
  table = user_shares
  value_field = dummy
  fields {
    from_user = $from
    to_user = $to
  }
}
map {
  pattern = shared/shared-boxes/anyone/$from
  table = anyone_shares
  value_field = dummy

  fields {
    from_user = $from
  }
}

The extconfigs resource I tried it with looks like this

dovecot::extconfigs:
  'dovecot-dict-sql.conf.ext':
    connect: "host=127.0.0.1 dbname=mail user=imap%{serverid} password=%{lookup('imap_mysql_password')}"
    map:
      pattern: shared/shared-boxes/user/$to/$from
      table: user_shares
      value_field: dummy
      fields:
        from_user: $from
        to_user: $to
    map:
      pattern: shared/shared-boxes/anyone/$from
      table: anyone_shares
      value_field: dummy
      fields:
        from_user: $from

Right now this fails, since only strings are allowed in the key: value mappings. Is there a way arround it?

Thanks in advance

Hi there,

I'm trying to implement multiple passdb's in my 10-auth config as users need to authenticate against two domains, however I don't seem to see a way to do this.

I can define the LDAP config within the .ext files however defining multiple passdb's isn't possible due to using duplicate key values.

      '10-auth'    => {
        disable_plaintext_auth => 'yes',
        auth_default_realm     => 'domain.co.uk',
        auth_username_char     => 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@\'',
        auth_mechanisms        => 'plain login',
        passdb                 => {
          driver => 'ldap',
          args   => '/etc/dovecot/dovecot-pass-method1-ldap.conf.ext',
        },
        passdb                 => {
          driver => 'ldap',
          args   => '/etc/dovecot/dovecot-pass-method2-ldap.conf.ext',
        },
        userdb                 => {
          driver => 'ldap',
          args   => '/etc/dovecot/dovecot-user-method1-ldap.conf.ext',
        },
        userdb                 => {
          driver => 'ldap',
          args   => '/etc/dovecot/dovecot-user-method2-ldap.conf.ext',
        },
      },

I can't work out a way that this could be done, I was thinking of using an !include configuration but this isn't supported with the whole key value pair setup.

Has anyone been able to setup dual authentication using this module?

Cheers.

I am currently using the module to set up a dovecot server. I am trying to fill the file auth-sql.conf.ext with the following content:

passdb {
  driver = sql
  args = /etc/dovecot/dovecot-sql.conf.ext
}
userdb {
  driver = sql
  args = /etc/dovecot/dovecot-sql.conf.ext
}

Declaring it in Hiera like this:

dovecot::extconfigs:
  'auth-sql.conf.ext':
    additional_content: |+
      passdb {
        driver = sql
        args = /etc/dovecot/dovecot-sql.conf.ext
      }
      userdb {
        driver = sql
        args = /etc/dovecot/dovecot-sql.conf.ext
      }

ends up with content like this:

additional_content = passdb {
  driver = sql
  args = /etc/dovecot/dovecot-sql.conf.ext
}
userdb {
  driver = sql
  args = /etc/dovecot/dovecot-sql.conf.ext
}

Whats the correct way to solve this?

The dovecot::sieve resource now requires content to be a non-optional String, which ironically still defaults to undef ;)

However, both the content and the source attributes are passed through to the file resource, and are mutually exclusive. So there is no way to set source, since content must be set to a string, which breaks the file resource ("You cannot specify more than one of content, source, target")

The easiest solution is probably to make content Optional[String], and let the file resource complain about a missing property.

Unmanaged configs within /etc/dovecot are being wiped out already by
https://github.com/oxc/puppet-dovecot/blob/855c0d85bd206eafeb339b2d073c55e6dbe5d77f/manifests/configuration.pp#L4-L12
Is there anything that would speak against adding the same purge mechanism to the underlying conf.d directory? Right now the conf.d is left untouched if there are already untouched example configs (like it's the case for e.g. EL7):
https://github.com/oxc/puppet-dovecot/blob/855c0d85bd206eafeb339b2d073c55e6dbe5d77f/manifests/configuration.pp#L15-L17

Are we missing $extconfigfile in the init.pp so we can use extconfig and extconfigfile both ?

I'm not sure but is this based on the current dovecot design as I now use $configs to fill my dovecot-ldap.conf.ext for an example and I doubt if this is the right way.

functions/create_config_file_resources.pp contains the parameter $include_in_main_config which is ignored in the function.

Hey,

I am having a hard time finding a way to declare an empty section, like

plugin {
}

This notiation…

plugin        => {},

… gets ignored unless you put configuration entries in the brackets.

Do you have a suggestion on how to write the puppet code?

Thanks and best.

Please let me know when this module is released on the puppet forge under the new namespace, so I can deprecate the old module.