From 55869cdc86173edfa73cd323c57d5c7c8fecd40b Mon Sep 17 00:00:00 2001
From: louis <louis@systemli.org>
Date: Wed, 11 Dec 2024 14:21:57 +0100
Subject: [PATCH] Add Option to configure environment variables

---
 defaults/main.yml                             |  8 ++--
 .../system/dovecot.service.d/environment.conf |  2 +
 tasks/main.yml                                | 13 +-----
 tasks/systemd-limits.yml                      | 20 ---------
 tasks/systemd.yml                             | 41 +++++++++++++++++++
 templates/auth-checkpassword.conf.ext.j2      | 19 ---------
 6 files changed, 50 insertions(+), 53 deletions(-)
 create mode 100644 files/systemd/system/dovecot.service.d/environment.conf
 delete mode 100644 tasks/systemd-limits.yml
 create mode 100644 tasks/systemd.yml
 delete mode 100644 templates/auth-checkpassword.conf.ext.j2

diff --git a/defaults/main.yml b/defaults/main.yml
index 28462c0..07b0bf6 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -49,9 +49,6 @@ dovecot_postfix_auth: false
 dovecot_quota_options: ":ignoreunlimited:noenforcing"
 dovecot_quota_storage: 1G
 
-dovecot_userli_path: /vagrant
-dovecot_userli_user: vagrant
-
 dovecot_vmail_path: /var/vmail
 
 dovecot_openmetrics_enabled: false
@@ -63,3 +60,8 @@ dovecot_backup_follower: false
 
 # backup script
 dovecot_backup_script_path: "/root/sync_mailboxes_to_remote.sh"
+
+# dovecot systemd environment
+dovecot_systemd_environment: |
+  # Set to '1' to allow Dovecot daemons to produce core dumps
+  #ALLOW_COREDUMPS=1
diff --git a/files/systemd/system/dovecot.service.d/environment.conf b/files/systemd/system/dovecot.service.d/environment.conf
new file mode 100644
index 0000000..d357b0b
--- /dev/null
+++ b/files/systemd/system/dovecot.service.d/environment.conf
@@ -0,0 +1,2 @@
+[Service]
+EnvironmentFile=/etc/default/dovecot
diff --git a/tasks/main.yml b/tasks/main.yml
index 0210a33..5b039b1 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -35,8 +35,8 @@
     pkg: "{{ dovecot_apt_packages }}"
     state: present
 
-- name: Import systemd limits tasks
-  import_tasks: systemd-limits.yml
+- name: Import systemd tasks
+  import_tasks: systemd.yml
 
 - name: Ensure dovecot is in group of userli
   user:
@@ -58,15 +58,6 @@
     regexp: "login_greeting ="
   notify: Restart dovecot
 
-- name: Copy checkpassword auth config
-  template:
-    src: auth-checkpassword.conf.ext.j2
-    dest: /etc/dovecot/conf.d/auth-checkpassword.conf.ext
-    owner: root
-    group: root
-    mode: 0644
-  notify: Restart dovecot
-
 - name: Create self-signed ssl cert
   when: dovecot_ssl_key is not defined
   block:
diff --git a/tasks/systemd-limits.yml b/tasks/systemd-limits.yml
deleted file mode 100644
index 6dbb648..0000000
--- a/tasks/systemd-limits.yml
+++ /dev/null
@@ -1,20 +0,0 @@
----
-
-- name: Ensure systemd dovecot include directory is present
-  file:
-    path: /etc/systemd/system/dovecot.service.d/
-    owner: root
-    group: root
-    mode: 0755
-    state: directory
-
-- name: Copy systemd limits file for dovecot service
-  copy:
-    src: systemd/system/dovecot.service.d/limits.conf
-    dest: /etc/systemd/system/dovecot.service.d/limits.conf
-    owner: root
-    group: root
-    mode: 0644
-  notify:
-    - Reload systemd
-    - Restart dovecot
diff --git a/tasks/systemd.yml b/tasks/systemd.yml
new file mode 100644
index 0000000..6f1f387
--- /dev/null
+++ b/tasks/systemd.yml
@@ -0,0 +1,41 @@
+---
+- name: Create systemd drop in directory
+  file:
+    path: /etc/systemd/system/dovecot.service.d/
+    owner: root
+    group: root
+    mode: 0755
+    state: directory
+
+- name: Copy systemd limits drop in
+  copy:
+    src: systemd/system/dovecot.service.d/limits.conf
+    dest: /etc/systemd/system/dovecot.service.d/limits.conf
+    owner: root
+    group: root
+    mode: 0644
+  notify:
+    - Reload systemd
+    - Restart dovecot
+
+- name: Copy environment file
+  copy:
+    content: "{{ dovecot_systemd_environment }}"
+    dest: /etc/default/dovecot
+    owner: root
+    group: root
+    mode: 0640
+  notify:
+    - Reload systemd
+    - Restart dovecot
+
+- name: Copy systemd environment drop in
+  copy:
+    src: systemd/system/dovecot.service.d/environment.conf
+    dest: /etc/systemd/system/dovecot.service.d/environment.conf
+    owner: root
+    group: root
+    mode: 0644
+  notify:
+    - Reload systemd
+    - Restart dovecot
diff --git a/templates/auth-checkpassword.conf.ext.j2 b/templates/auth-checkpassword.conf.ext.j2
deleted file mode 100644
index cf2bd5b..0000000
--- a/templates/auth-checkpassword.conf.ext.j2
+++ /dev/null
@@ -1,19 +0,0 @@
-# Authentication for checkpassword users. Included from 10-auth.conf.
-#
-# <doc/wiki/AuthDatabase.CheckPassword.txt>
-
-passdb {
-  driver = checkpassword
-  args = {{ dovecot_userli_path}}/bin/console app:users:checkpassword
-}
-
-# passdb lookup should return also userdb info
-userdb {
-  driver = prefetch
-}
-
-# The userdb below is used only by lda.
-userdb {
-  driver = checkpassword
-  args = {{ dovecot_userli_path}}/bin/console app:users:checkpassword
-}