From cb24e263417972692baee6a1381d4cada434d835 Mon Sep 17 00:00:00 2001 From: Herman van Rink Date: Sat, 21 May 2022 20:56:57 +0200 Subject: [PATCH] Backport MR !889, unify settings between distros and improves --- install/tpl/debian6_dovecot-sql.conf.master | 11 +- install/tpl/debian_dovecot-sql.conf.master | 119 +---------------- install/tpl/fedora_dovecot-sql.conf.master | 131 +------------------ install/tpl/opensuse_dovecot-sql.conf.master | 131 +------------------ 4 files changed, 4 insertions(+), 388 deletions(-) diff --git a/install/tpl/debian6_dovecot-sql.conf.master b/install/tpl/debian6_dovecot-sql.conf.master index 32a25c995d..d0b5269e13 100644 --- a/install/tpl/debian6_dovecot-sql.conf.master +++ b/install/tpl/debian6_dovecot-sql.conf.master @@ -1,13 +1,4 @@ # http://wiki.dovecot.org/AuthDatabase/SQL -# -# CREATE TABLE users ( -# userid VARCHAR(128) NOT NULL, -# password VARCHAR(64) NOT NULL, -# home VARCHAR(255) NOT NULL, -# uid INTEGER NOT NULL, -# gid INTEGER NOT NULL, -# active CHAR(1) DEFAULT 'Y' NOT NULL -# ); driver = mysql connect = host={mysql_server_host} dbname={mysql_server_database} user={mysql_server_ispconfig_user} password={mysql_server_ispconfig_password} port={mysql_server_port} @@ -20,4 +11,4 @@ user_query = SELECT email as user, maildir as home, CONCAT( maildir_format, ':', # The iterate_query is required for the doveadm command only and works only on dovecot 2 servers. # Do not enable it on Dovecot 1.x servers -# iterate_query = SELECT email as user FROM mail_user WHERE server_id = '{server_id}' +# iterate_query = SELECT email as user FROM mail_user WHERE disabledoveadm='n' AND server_id = '{server_id}' diff --git a/install/tpl/debian_dovecot-sql.conf.master b/install/tpl/debian_dovecot-sql.conf.master index f067d6ba10..d0b5269e13 100644 --- a/install/tpl/debian_dovecot-sql.conf.master +++ b/install/tpl/debian_dovecot-sql.conf.master @@ -1,120 +1,4 @@ -# This file is opened as root, so it should be owned by root and mode 0600. -# # http://wiki.dovecot.org/AuthDatabase/SQL -# -# For the sql passdb module, you'll need a database with a table that -# contains fields for at least the userid and password. If you want to -# use the user@domain syntax, you might want to have a separate domain -# field as well. -# -# If your users all have the same uig/gid, and have predictable home -# directories, you can use the static userdb module to generate the home -# dir based on the userid and domain. In this case, you won't need fields -# for home, uid, or gid in the database. -# -# If you prefer to use the sql userdb module, you'll want to add fields -# for home, uid, and gid. Here is an example table: -# -# CREATE TABLE users ( -# userid VARCHAR(128) NOT NULL, -# password VARCHAR(64) NOT NULL, -# home VARCHAR(255) NOT NULL, -# uid INTEGER NOT NULL, -# gid INTEGER NOT NULL, -# active CHAR(1) DEFAULT 'Y' NOT NULL -# ); - -# Database driver: mysql, pgsql, sqlite -#driver = - -# Database connection string. This is driver-specific setting. -# -# pgsql: -# For available options, see the PostgreSQL documention for the -# PQconnectdb function of libpq. -# -# mysql: -# Basic options emulate PostgreSQL option names: -# host, port, user, password, dbname -# -# But also adds some new settings: -# client_flags - See MySQL manual -# ssl_ca, ssl_ca_path - Set either one or both to enable SSL -# ssl_cert, ssl_key - For sending client-side certificates to server -# ssl_cipher - Set minimum allowed cipher security (default: HIGH) -# -# You can connect to UNIX sockets by using host: host=/var/run/mysqld/mysqld.sock -# Note that currently you can't use spaces in parameters. -# -# sqlite: -# The path to the database file. -# -# Examples: -# connect = host=192.168.1.1 dbname=users -# connect = host=sql.example.com dbname=virtual user=virtual password=blarg -# connect = /etc/dovecot/authdb.sqlite -# -#connect = dbname=virtual user=virtual - -# Default password scheme. -# -# List of supported schemes is in -# http://wiki.dovecot.org/Authentication/PasswordSchemes -# -#default_pass_scheme = PLAIN-MD5 - -# Query to retrieve the password. -# -# This query must return only one row with "user" and "password" columns. -# The query can also return other fields which have a special meaning, see -# http://wiki.dovecot.org/PasswordDatabase/ExtraFields -# -# The "user" column is needed to make sure the username gets used with exactly -# the same casing as it's in the database. Note that if you store username and -# domain in separate fields, you most likely want to return a combination of -# them as the "user" column, otherwise the domain gets stripped. -# -# Commonly used available substitutions (see -# http://wiki.dovecot.org/Variables for full list): -# %u = entire userid -# %n = user part of user@domain -# %d = domain part of user@domain -# -# Note that these can be used only as input to SQL query. If the query outputs -# any of these substitutions, they're not touched. Otherwise it would be -# difficult to have eg. usernames containing '%' characters. -# -# Example: -# password_query = SELECT concat(userid, '@', domain) AS user, password FROM users WHERE userid = '%n' AND domain = '%d' -# password_query = SELECT pw AS password FROM users WHERE userid = '%u' AND active = 'Y' -# -#password_query = SELECT userid as user, password FROM users WHERE userid = '%u' - -# Query to retrieve the user information. -# -# The query must return only one row. Commonly returned columns are: -# uid - System UID -# gid - System GID -# home - Home directory -# mail - Mail location -# -# Either home or mail is required. uid and gid are required. If more than one -# row is returned or there are missing fields, the login will fail. For a list -# of all fields that can be returned, see -# http://wiki.dovecot.org/UserDatabase/ExtraFields -# -# Examples -# user_query = SELECT home, uid, gid FROM users WHERE userid = '%n' AND domain = '%d' -# user_query = SELECT dir AS home, user AS uid, group AS gid FROM users where userid = '%u' -# user_query = SELECT home, 501 AS uid, 501 AS gid FROM users WHERE userid = '%u' -# -#user_query = SELECT home, uid, gid FROM users WHERE userid = '%u' - -# If you wish to avoid two SQL lookups (passdb + userdb), you can use -# userdb prefetch instead of userdb sql in dovecot.conf. In that case you'll -# also have to return userdb fields in password_query prefixed with "userdb_" -# string. For example: -#password_query = SELECT userid as user, password, home as userdb_home, uid as userdb_uid, gid as userdb_gid FROM users WHERE userid = '%u' driver = mysql connect = host={mysql_server_host} dbname={mysql_server_database} user={mysql_server_ispconfig_user} password={mysql_server_ispconfig_password} port={mysql_server_port} @@ -127,5 +11,4 @@ user_query = SELECT email as user, maildir as home, CONCAT( maildir_format, ':', # The iterate_query is required for the doveadm command only and works only on dovecot 2 servers. # Do not enable it on Dovecot 1.x servers -# iterate_query = SELECT email as user FROM mail_user WHERE server_id = '{server_id}' - +# iterate_query = SELECT email as user FROM mail_user WHERE disabledoveadm='n' AND server_id = '{server_id}' diff --git a/install/tpl/fedora_dovecot-sql.conf.master b/install/tpl/fedora_dovecot-sql.conf.master index bac4c9d13d..d0b5269e13 100644 --- a/install/tpl/fedora_dovecot-sql.conf.master +++ b/install/tpl/fedora_dovecot-sql.conf.master @@ -1,133 +1,4 @@ -# This file is opened as root, so it should be owned by root and mode 0600. -# # http://wiki.dovecot.org/AuthDatabase/SQL -# -# For the sql passdb module, you'll need a database with a table that -# contains fields for at least the username and password. If you want to -# use the user@domain syntax, you might want to have a separate domain -# field as well. -# -# If your users all have the same uig/gid, and have predictable home -# directories, you can use the static userdb module to generate the home -# dir based on the username and domain. In this case, you won't need fields -# for home, uid, or gid in the database. -# -# If you prefer to use the sql userdb module, you'll want to add fields -# for home, uid, and gid. Here is an example table: -# -# CREATE TABLE users ( -# username VARCHAR(128) NOT NULL, -# domain VARCHAR(128) NOT NULL, -# password VARCHAR(64) NOT NULL, -# home VARCHAR(255) NOT NULL, -# uid INTEGER NOT NULL, -# gid INTEGER NOT NULL, -# active CHAR(1) DEFAULT 'Y' NOT NULL -# ); - -# Database driver: mysql, pgsql, sqlite -#driver = - -# Database connection string. This is driver-specific setting. -# -# pgsql: -# For available options, see the PostgreSQL documention for the -# PQconnectdb function of libpq. -# -# mysql: -# Basic options emulate PostgreSQL option names: -# host, port, user, password, dbname -# -# But also adds some new settings: -# client_flags - See MySQL manual -# ssl_ca, ssl_ca_path - Set either one or both to enable SSL -# ssl_cert, ssl_key - For sending client-side certificates to server -# ssl_cipher - Set minimum allowed cipher security (default: HIGH) -# option_file - Read options from the given file instead of -# the default my.cnf location -# option_group - Read options from the given group (default: client) -# -# You can connect to UNIX sockets by using host: host=/var/run/mysql.sock -# Note that currently you can't use spaces in parameters. -# -# MySQL supports multiple host parameters for load balancing / HA. -# -# sqlite: -# The path to the database file. -# -# Examples: -# connect = host=192.168.1.1 dbname=users -# connect = host=sql.example.com dbname=virtual user=virtual password=blarg -# connect = /etc/dovecot/authdb.sqlite -# -#connect = - -# Default password scheme. -# -# List of supported schemes is in -# http://wiki.dovecot.org/Authentication/PasswordSchemes -# -#default_pass_scheme = MD5 - -# passdb query to retrieve the password. It can return fields: -# password - The user's password. This field must be returned. -# user - user@domain from the database. Needed with case-insensitive lookups. -# username and domain - An alternative way to represent the "user" field. -# -# The "user" field is often necessary with case-insensitive lookups to avoid -# e.g. "name" and "nAme" logins creating two different mail directories. If -# your user and domain names are in separate fields, you can return "username" -# and "domain" fields instead of "user". -# -# The query can also return other fields which have a special meaning, see -# http://wiki.dovecot.org/PasswordDatabase/ExtraFields -# -# Commonly used available substitutions (see http://wiki.dovecot.org/Variables -# for full list): -# %u = entire user@domain -# %n = user part of user@domain -# %d = domain part of user@domain -# -# Note that these can be used only as input to SQL query. If the query outputs -# any of these substitutions, they're not touched. Otherwise it would be -# difficult to have eg. usernames containing '%' characters. -# -# Example: -# password_query = SELECT userid AS user, pw AS password \ -# FROM users WHERE userid = '%u' AND active = 'Y' -# -#password_query = \ -# SELECT username, domain, password \ -# FROM users WHERE username = '%n' AND domain = '%d' - -# userdb query to retrieve the user information. It can return fields: -# uid - System UID (overrides mail_uid setting) -# gid - System GID (overrides mail_gid setting) -# home - Home directory -# mail - Mail location (overrides mail_location setting) -# -# None of these are strictly required. If you use a single UID and GID, and -# home or mail directory fits to a template string, you could use userdb static -# instead. For a list of all fields that can be returned, see -# http://wiki.dovecot.org/UserDatabase/ExtraFields -# -# Examples: -# user_query = SELECT home, uid, gid FROM users WHERE userid = '%u' -# user_query = SELECT dir AS home, user AS uid, group AS gid FROM users where userid = '%u' -# user_query = SELECT home, 501 AS uid, 501 AS gid FROM users WHERE userid = '%u' -# -#user_query = \ -# SELECT home, uid, gid \ -# FROM users WHERE username = '%n' AND domain = '%d' - -# If you wish to avoid two SQL lookups (passdb + userdb), you can use -# userdb prefetch instead of userdb sql in dovecot.conf. In that case you'll -# also have to return userdb fields in password_query prefixed with "userdb_" -# string. For example: -#password_query = \ -# SELECT userid AS user, password, \ -# home AS userdb_home, uid AS userdb_uid, gid AS userdb_gid \ -# FROM users WHERE userid = '%u' driver = mysql connect = host={mysql_server_host} dbname={mysql_server_database} user={mysql_server_ispconfig_user} password={mysql_server_ispconfig_password} port={mysql_server_port} @@ -140,4 +11,4 @@ user_query = SELECT email as user, maildir as home, CONCAT( maildir_format, ':', # The iterate_query is required for the doveadm command only and works only on dovecot 2 servers. # Do not enable it on Dovecot 1.x servers -# iterate_query = SELECT email as user FROM mail_user WHERE server_id = '{server_id}' +# iterate_query = SELECT email as user FROM mail_user WHERE disabledoveadm='n' AND server_id = '{server_id}' diff --git a/install/tpl/opensuse_dovecot-sql.conf.master b/install/tpl/opensuse_dovecot-sql.conf.master index bac4c9d13d..d0b5269e13 100644 --- a/install/tpl/opensuse_dovecot-sql.conf.master +++ b/install/tpl/opensuse_dovecot-sql.conf.master @@ -1,133 +1,4 @@ -# This file is opened as root, so it should be owned by root and mode 0600. -# # http://wiki.dovecot.org/AuthDatabase/SQL -# -# For the sql passdb module, you'll need a database with a table that -# contains fields for at least the username and password. If you want to -# use the user@domain syntax, you might want to have a separate domain -# field as well. -# -# If your users all have the same uig/gid, and have predictable home -# directories, you can use the static userdb module to generate the home -# dir based on the username and domain. In this case, you won't need fields -# for home, uid, or gid in the database. -# -# If you prefer to use the sql userdb module, you'll want to add fields -# for home, uid, and gid. Here is an example table: -# -# CREATE TABLE users ( -# username VARCHAR(128) NOT NULL, -# domain VARCHAR(128) NOT NULL, -# password VARCHAR(64) NOT NULL, -# home VARCHAR(255) NOT NULL, -# uid INTEGER NOT NULL, -# gid INTEGER NOT NULL, -# active CHAR(1) DEFAULT 'Y' NOT NULL -# ); - -# Database driver: mysql, pgsql, sqlite -#driver = - -# Database connection string. This is driver-specific setting. -# -# pgsql: -# For available options, see the PostgreSQL documention for the -# PQconnectdb function of libpq. -# -# mysql: -# Basic options emulate PostgreSQL option names: -# host, port, user, password, dbname -# -# But also adds some new settings: -# client_flags - See MySQL manual -# ssl_ca, ssl_ca_path - Set either one or both to enable SSL -# ssl_cert, ssl_key - For sending client-side certificates to server -# ssl_cipher - Set minimum allowed cipher security (default: HIGH) -# option_file - Read options from the given file instead of -# the default my.cnf location -# option_group - Read options from the given group (default: client) -# -# You can connect to UNIX sockets by using host: host=/var/run/mysql.sock -# Note that currently you can't use spaces in parameters. -# -# MySQL supports multiple host parameters for load balancing / HA. -# -# sqlite: -# The path to the database file. -# -# Examples: -# connect = host=192.168.1.1 dbname=users -# connect = host=sql.example.com dbname=virtual user=virtual password=blarg -# connect = /etc/dovecot/authdb.sqlite -# -#connect = - -# Default password scheme. -# -# List of supported schemes is in -# http://wiki.dovecot.org/Authentication/PasswordSchemes -# -#default_pass_scheme = MD5 - -# passdb query to retrieve the password. It can return fields: -# password - The user's password. This field must be returned. -# user - user@domain from the database. Needed with case-insensitive lookups. -# username and domain - An alternative way to represent the "user" field. -# -# The "user" field is often necessary with case-insensitive lookups to avoid -# e.g. "name" and "nAme" logins creating two different mail directories. If -# your user and domain names are in separate fields, you can return "username" -# and "domain" fields instead of "user". -# -# The query can also return other fields which have a special meaning, see -# http://wiki.dovecot.org/PasswordDatabase/ExtraFields -# -# Commonly used available substitutions (see http://wiki.dovecot.org/Variables -# for full list): -# %u = entire user@domain -# %n = user part of user@domain -# %d = domain part of user@domain -# -# Note that these can be used only as input to SQL query. If the query outputs -# any of these substitutions, they're not touched. Otherwise it would be -# difficult to have eg. usernames containing '%' characters. -# -# Example: -# password_query = SELECT userid AS user, pw AS password \ -# FROM users WHERE userid = '%u' AND active = 'Y' -# -#password_query = \ -# SELECT username, domain, password \ -# FROM users WHERE username = '%n' AND domain = '%d' - -# userdb query to retrieve the user information. It can return fields: -# uid - System UID (overrides mail_uid setting) -# gid - System GID (overrides mail_gid setting) -# home - Home directory -# mail - Mail location (overrides mail_location setting) -# -# None of these are strictly required. If you use a single UID and GID, and -# home or mail directory fits to a template string, you could use userdb static -# instead. For a list of all fields that can be returned, see -# http://wiki.dovecot.org/UserDatabase/ExtraFields -# -# Examples: -# user_query = SELECT home, uid, gid FROM users WHERE userid = '%u' -# user_query = SELECT dir AS home, user AS uid, group AS gid FROM users where userid = '%u' -# user_query = SELECT home, 501 AS uid, 501 AS gid FROM users WHERE userid = '%u' -# -#user_query = \ -# SELECT home, uid, gid \ -# FROM users WHERE username = '%n' AND domain = '%d' - -# If you wish to avoid two SQL lookups (passdb + userdb), you can use -# userdb prefetch instead of userdb sql in dovecot.conf. In that case you'll -# also have to return userdb fields in password_query prefixed with "userdb_" -# string. For example: -#password_query = \ -# SELECT userid AS user, password, \ -# home AS userdb_home, uid AS userdb_uid, gid AS userdb_gid \ -# FROM users WHERE userid = '%u' driver = mysql connect = host={mysql_server_host} dbname={mysql_server_database} user={mysql_server_ispconfig_user} password={mysql_server_ispconfig_password} port={mysql_server_port} @@ -140,4 +11,4 @@ user_query = SELECT email as user, maildir as home, CONCAT( maildir_format, ':', # The iterate_query is required for the doveadm command only and works only on dovecot 2 servers. # Do not enable it on Dovecot 1.x servers -# iterate_query = SELECT email as user FROM mail_user WHERE server_id = '{server_id}' +# iterate_query = SELECT email as user FROM mail_user WHERE disabledoveadm='n' AND server_id = '{server_id}' -- GitLab