# {{ ansible_managed }}

base_dir				= /var/run/dovecot
import_environment			= TZ LC_CTYPE LC_TIME LC_COLLATE LC_NUMERIC LC_MONETARY
log_path				= /dev/stderr

default_vsz_limit			= 2 G
verbose_proctitle			= yes
doveadm_worker_count			= 8

mail_location				= mdbox:~/mdbox
mail_plugins				= fts fts_xapian

listen					= {{ dovecot_listen }}

ssl					= required
ssl_cert				= </usr/local/etc/dovecot/fullchain.pem
ssl_key					= </usr/local/etc/dovecot/privkey.pem
ssl_cipher_list				= 'EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA256:EECDH:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!IDEA:!ECDSA:kEDH:CAMELLIA128-SHA:AES128-SHA'
ssl_prefer_server_ciphers		= yes
ssl_options				= no_compression
ssl_dh					= </usr/local/etc/dovecot/dh.pem


plugin {
	fts				= xapian
	fts_xapian			= partial=3 full=20 attachments=0 verbose=0
	fts_autoindex			= yes
	fts_enforced			= yes
	fts_autoindex_exclude		= \Trash
}

plugin {
	sieve				= ~/.dovecot.sieve
	sieve_dir			= ~/sieve
	sieve_extensions		= +vacation-seconds
	sieve_vacation_min_period	= 1d
	sieve_vacation_default_period	= 1d
	sieve_vacation_max_period	= 30d
}

namespace inbox {
	inbox			= yes

	mailbox Drafts {
		special_use	= \Drafts
		auto		= subscribe
	}

	mailbox Junk {
		special_use	= \Junk
		auto		= subscribe
	}

	mailbox Sent {
		special_use	= \Sent
		auto		= subscribe
	}

	mailbox Trash {
		special_use	= \Trash
		auto 		= subscribe
	}
}

passdb {
	driver		= passwd-file
	args		= /usr/local/etc/dovecot/passwd
}

userdb {
	driver		= passwd-file
	args		= /usr/local/etc/dovecot/passwd
	default_fields	= uid=vmail gid=vmail home=/var/vmail/%d/%n
}

protocols		= imap lmtp sieve

auth_mechanisms		= plain login
auth_default_realm	= %{hostname}
service auth {
	unix_listener /var/spool/postfix/private/dovecot-auth {
		user	= postfix
		group	= postfix
		mode	= 0600
	}
}

service lmtp {
	unix_listener /var/spool/postfix/private/dovecot-lmtp {
		user	= postfix
		group	= postfix
		mode	= 0600
	}
}

service managesieve-login {
	inet_listener sieve {
		port	= 4190
	}

	inet_listener sieve_deprecated {
		port	= 2000
	}
	
	service_count	= 1
}

service imap-login {
	inet_listener imap {
		port	= 143
	}

	inet_listener imaps {
		port	= 993
		ssl	= yes
	}

	process_limit	= 128
}

protocol lmtp {
	mail_plugins = $mail_plugins sieve
}