Debian exim/dovecot email server with Saltstack – Dovecot IMAP

I use Dovecot as my IMAP/IMAPS server – it has always worked very reliably for me.

srv/salt/dovecot.sls

First, this file needs to include sslcerts.sls to make sure that the certificates are installed. Dovecot starts as root so it doesn’t need any special groups to get access to the key.

Once the packages are installed there is a bit of configuration to set up:

  • Configure the system to use Maildir format;
  • Get rid of any configuration to use mbox format;
  • Ensure that SSL is turned on and that the ssl_cert and ssl_key values are set correctly;
  • Ensure that SSL isn’t turned off.
# Ensure we have the SSL certs available
include:
  - sslcerts

# Installs and configures the Dovecot IMAP server
dovecot-core:
  pkg:
    - installed
dovecot-imapd:
  pkg:
    - installed
dovecot-sieve:
  pkg:
    - installed

# Set the mailbox location - required
/etc/dovecot/conf.d/10-mail.conf-A:
  file.blockreplace:
    - name: /etc/dovecot/conf.d/10-mail.conf
    - marker_start: '# ------- SALTSTACK DOVECOT START -------'
    - marker_end:   '# ------- SALTSTACK DOVECOT END -------'
    - prepend_if_not_found: True
    - content: 'mail_location = maildir:~/Maildir'

/etc/dovecot/conf.d/10-mail.conf-B:
  file.comment:
    - name: /etc/dovecot/conf.d/10-mail.conf
    - regex: '^mail_location = mbox.*$'

# Use the central SSL cert and key
/etc/dovecot/conf.d/10-ssl.conf-A:
  file.blockreplace:
    - name: /etc/dovecot/conf.d/10-ssl.conf
    - marker_start: '# ------- SALTSTACK DOVECOT START -------'
    - marker_end:   '# ------- SALTSTACK DOVECOT END -------'
    - prepend_if_not_found: True
    - require:
        - sls: sslcerts
    - content: 'ssl = yes

      ssl_cert = </etc/ssl/certs/info.river-innovations.com.cert

      ssl_key = </etc/ssl/private/info.river-innovations.com.key'
/etc/dovecot/conf.d/10-ssl.conf-B:
  file.comment:
    - name: /etc/dovecot/conf.d/10-ssl.conf
    - regex: '^ssl = no.*$'

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.