From af46f2a5c8297135b68b6a7371402832a8e30b49 Mon Sep 17 00:00:00 2001
From: Kristian Klausen <kristian@klausen.dk>
Date: Fri, 9 Jul 2021 01:33:19 +0200
Subject: [PATCH] dovecot: Decouple the mailboxes from the system user

The homedir is now /home/vmail/%d/%n instead of /home/$USER.

Preparation for switching to a virtual user setup and removing all the
staff users from mail.a.o.
---
 roles/dovecot/tasks/main.yml            | 6 ++++++
 roles/dovecot/templates/dovecot.conf.j2 | 2 ++
 2 files changed, 8 insertions(+)

diff --git a/roles/dovecot/tasks/main.yml b/roles/dovecot/tasks/main.yml
index 494559b65..d3156553c 100644
--- a/roles/dovecot/tasks/main.yml
+++ b/roles/dovecot/tasks/main.yml
@@ -15,6 +15,12 @@
   notify:
     - reload dovecot
 
+- name: add vmail group
+  group: name=vmail gid=5000
+
+- name: add vmail user
+  user: name=vmail uid=5000 shell=/usr/bin/nologin group=vmail
+
 - name: install PAM config
   copy: src=pam.d.dovecot dest=/etc/pam.d/dovecot mode=0644 owner=root group=root
 
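Review bot: The `add vmail user` task leaves the home directory's path and mode to the system defaults, yet `/home/vmail` is about to hold every user's mailbox. Whether the directory ends up group- or world-readable depends on the host's useradd/login.defs settings, which this hunk does not show. I would pin both explicitly: `user: name=vmail uid=5000 home=/home/vmail shell=/usr/bin/nologin group=vmail`, followed by a task with `file: path=/home/vmail state=directory owner=vmail group=vmail mode=0700`. A short comment on why uid/gid 5000 is fixed (presumably so mailbox ownership stays stable across rebuilds) would also help the next reader.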
diff --git a/roles/dovecot/templates/dovecot.conf.j2 b/roles/dovecot/templates/dovecot.conf.j2
index 9bb7862f1..1ccbe83e0 100644
--- a/roles/dovecot/templates/dovecot.conf.j2
+++ b/roles/dovecot/templates/dovecot.conf.j2
@@ -97,6 +97,8 @@ ssl_cipher_list = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDH
 
 userdb {
 	driver = passwd
+	# https://doc.dovecot.org/configuration_manual/config_file/config_variables/
+	override_fields = uid=vmail gid=vmail home=/home/vmail/%d/%n
 }
 protocol imap {
 	imap_client_workarounds = tb-extra-mailbox-sep
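Review bot: `home=/home/vmail/%d/%n` in the `userdb` block depends on the login name carrying a domain, because `%d` expands to an empty string for a bare username and the home becomes `/home/vmail//name`. With `driver = passwd` still in place, which form reaches userdb depends on `auth_username_format` and the passdb, neither of which is visible in this hunk, so this is worth confirming before mail is migrated. Every mailbox is now accessed as uid/gid vmail, so separation between users no longer comes from file ownership and rests on this path being unique per user. I would replace the bare URL with a comment that says so, e.g. `# %d = domain, %n = local part of the login; all mail is owned by vmail, so the home path is the only per-user separation`.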
-- 
GitLab