3 files changed, 4 insertions, 5 deletions

diff --git a/ansible/roles/dovecot/tasks/main.yml b/ansible/roles/dovecot/tasks/main.yml
index 1e182a4..759a38d 100644
--- a/ansible/roles/dovecot/tasks/main.yml
+++ b/ansible/roles/dovecot/tasks/main.yml
@@ -23,7 +23,7 @@
 - name: Create the vmail user
   user:
     name: vmail
-    uid: 5000
+    uid: "{{ dovecot_vmail_uid }}"
     group: vmail
     home: /var/vmail
   tags:
diff --git a/ansible/roles/dovecot/templates/configs/10-mail.conf.j2 b/ansible/roles/dovecot/templates/configs/10-mail.conf.j2
index 8002e17..891e044 100644
--- a/ansible/roles/dovecot/templates/configs/10-mail.conf.j2
+++ b/ansible/roles/dovecot/templates/configs/10-mail.conf.j2
@@ -109,8 +109,8 @@ namespace inbox {
 # System user and group used to access mails. If you use multiple, userdb
 # can override these by returning uid or gid fields. You can use either numbers
 # or names. <doc/wiki/UserIds.txt>
-mail_uid = {{ dovecot_mail_uid }}
-mail_gid = {{ dovecot_mail_gid }}
+mail_uid = {{ dovecot_vmail_uid }}
+mail_gid = {{ dovecot_vmail_uid }}
 
 # Group to enable temporarily for privileged operations. Currently this is
 # used only with INBOX when either its initial creation or dotlocking fails.
diff --git a/ansible/roles/dovecot/vars/main/main.yml b/ansible/roles/dovecot/vars/main/main.yml
index 3208bc0..ef5e580 100644
--- a/ansible/roles/dovecot/vars/main/main.yml
+++ b/ansible/roles/dovecot/vars/main/main.yml
@@ -3,5 +3,4 @@ dovecot_ldap_host: "ldaps://ldap01.box.pydis.wtf:636"
 dovecot_ldap_user: "uid=dovecot,cn=users,cn=accounts,dc=box,dc=pydis,dc=wtf"
 dovecot_ldap_password: "{{ vault_dovecot_ldap_password }}"
 dovecot_ldap_tls_ca: "/etc/ipa/ca.crt"
-dovecot_mail_uid: "5000" # vmail user
-dovecot_mail_gid: "5000" # vmail group
+dovecot_vmail_uid: "5000"