Explicitly set mailbox uid for doveadm

author: Joe Banks <[email protected]> 2024-08-22 23:08:24 +0100
committer: Joe Banks <[email protected]> 2024-08-23 16:52:19 +0100
commit: 7094492701152d833a7eaff3f593bedd00ce8e5f (patch)
tree: bb48b8b3b818b089cb80c1d161c40e43571d5e5e /ansible
parent: Add high maxretry for Postfix fail2ban rules (diff)
2 files changed, 4 insertions, 2 deletions
diff --git a/ansible/roles/dovecot/templates/configs/10-mail.conf.j2 b/ansible/roles/dovecot/templates/configs/10-mail.conf.j2
index decdab4..8b25e8d 100644
--- a/ansible/roles/dovecot/templates/configs/10-mail.conf.j2
+++ b/ansible/roles/dovecot/templates/configs/10-mail.conf.j2
@@ -109,8 +109,8 @@ namespace inbox {
 # System user and group used to access mails. If you use multiple, userdb
 # can override these by returning uid or gid fields. You can use either numbers
 # or names. <doc/wiki/UserIds.txt>
-#mail_uid =
-#mail_gid =
+mail_uid = {{ dovecot_mail_uid }}
+mail_gid = {{ dovecot_mail_gid }}
 
 # Group to enable temporarily for privileged operations. Currently this is
 # used only with INBOX when either its initial creation or dotlocking fails.
diff --git a/ansible/roles/dovecot/vars/main/main.yml b/ansible/roles/dovecot/vars/main/main.yml
index 1cc93e2..3208bc0 100644
--- a/ansible/roles/dovecot/vars/main/main.yml
+++ b/ansible/roles/dovecot/vars/main/main.yml
@@ -3,3 +3,5 @@ dovecot_ldap_host: "ldaps://ldap01.box.pydis.wtf:636"
 dovecot_ldap_user: "uid=dovecot,cn=users,cn=accounts,dc=box,dc=pydis,dc=wtf"
 dovecot_ldap_password: "{{ vault_dovecot_ldap_password }}"
 dovecot_ldap_tls_ca: "/etc/ipa/ca.crt"
+dovecot_mail_uid: "5000" # vmail user
+dovecot_mail_gid: "5000" # vmail group
author	Joe Banks <[email protected]>	2024-08-22 23:08:24 +0100
committer	Joe Banks <[email protected]>	2024-08-23 16:52:19 +0100
commit	7094492701152d833a7eaff3f593bedd00ce8e5f (patch)
tree	bb48b8b3b818b089cb80c1d161c40e43571d5e5e /ansible
parent	Add high maxretry for Postfix fail2ban rules (diff)