Skip to content
Snippets Groups Projects
Commit f57bcbe5 authored by Lars Beckers's avatar Lars Beckers
Browse files

dovecot: allow configuration of authentication mechanisms

parent 497c0e8f
Branches
No related tags found
1 merge request!16Minimal Viable FSMPI Deployment
Show whitespace changes
Inline Side-by-side
dovecot/defaults/main.yml
+ 8
0
View file @ f57bcbe5
...@@ -32,4 +32,12 @@ dovecot_content_filter: false ...@@ -32,4 +32,12 @@ dovecot_content_filter: false
dovecot_spam_folder: Spam dovecot_spam_folder: Spam
dovecot_spam_user: "${1}" # debian-spamd dovecot_spam_user: "${1}" # debian-spamd
dovecot_sieve: 'file:~/sieve;active=~/.dovecot.sieve' dovecot_sieve: 'file:~/sieve;active=~/.dovecot.sieve'
# These variables were introduced for compatibility to a certain setup.
# They may disappear without prior notice and/or may not work as expected.
dovecot_auth_realms: []
dovecot_auth_default_realm: ''
dovecot_auth_krb5_keytab: ''
dovecot_auth_mechanisms:
- plain
dovecot_special_mailbox_auto_subscribe: false dovecot_special_mailbox_auto_subscribe: false
dovecot/templates/conf.d/10-auth.conf.j2
+ 4
4
View file @ f57bcbe5
...@@ -26,11 +26,11 @@ disable_plaintext_auth = yes ...@@ -26,11 +26,11 @@ disable_plaintext_auth = yes
# them. You can leave it empty if you don't want to support multiple realms. # them. You can leave it empty if you don't want to support multiple realms.
# Many clients simply use the first one listed here, so keep the default realm # Many clients simply use the first one listed here, so keep the default realm
# first. # first.
#auth_realms = auth_realms = {{ dovecot_auth_realms|join(" ") }}
# Default realm/domain to use if none was specified. This is used for both # Default realm/domain to use if none was specified. This is used for both
# SASL realms and appending @domain to username in plaintext logins. # SASL realms and appending @domain to username in plaintext logins.
#auth_default_realm = auth_default_realm = {{ dovecot_auth_default_realm }}
# List of allowed characters in username. If the user-given username contains # List of allowed characters in username. If the user-given username contains
# a character not listed in here, the login automatically fails. This is just # a character not listed in here, the login automatically fails. This is just
...@@ -77,7 +77,7 @@ auth_username_format = %Ln ...@@ -77,7 +77,7 @@ auth_username_format = %Ln
# Kerberos keytab to use for the GSSAPI mechanism. Will use the system # Kerberos keytab to use for the GSSAPI mechanism. Will use the system
# default (usually /etc/krb5.keytab) if not specified. You may need to change # default (usually /etc/krb5.keytab) if not specified. You may need to change
# the auth service to run as root to be able to read this file. # the auth service to run as root to be able to read this file.
#auth_krb5_keytab = auth_krb5_keytab = {{ dovecot_auth_krb5_keytab }}
# Do NTLM and GSS-SPNEGO authentication using Samba's winbind daemon and # Do NTLM and GSS-SPNEGO authentication using Samba's winbind daemon and
# ntlm_auth helper. <doc/wiki/Authentication/Mechanisms/Winbind.txt> # ntlm_auth helper. <doc/wiki/Authentication/Mechanisms/Winbind.txt>
...@@ -101,7 +101,7 @@ auth_username_format = %Ln ...@@ -101,7 +101,7 @@ auth_username_format = %Ln
# plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi otp # plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi otp
# gss-spnego # gss-spnego
# NOTE: See also disable_plaintext_auth setting. # NOTE: See also disable_plaintext_auth setting.
auth_mechanisms = plain auth_mechanisms = {{ dovecot_auth_mechanisms|join(" ") }}
## ##
## Password and user databases ## Password and user databases
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment