From b5dd4c4a6231931a687264e79f3f33350369c9b3 Mon Sep 17 00:00:00 2001
From: Kristian Klausen <kristian@klausen.dk>
Date: Fri, 12 Aug 2022 21:11:40 +0200
Subject: [PATCH] dovecot: Add shared mailbox for the mediation team

Please see [1] and [2] for a better understanding of how this works.

[1] https://doc.dovecot.org/configuration_manual/authentication/password_databases_passdb/
[2] https://doc.dovecot.org/configuration_manual/authentication/user_databases_userdb/

Fix #464
---
 roles/dovecot/files/shared-mailboxes     |  1 +
 roles/dovecot/files/shared-mailboxes-acl |  3 +++
 roles/dovecot/tasks/main.yml             |  8 ++++++++
 roles/dovecot/templates/dovecot.conf.j2  | 16 ++++++++++++++++
 4 files changed, 28 insertions(+)
 create mode 100644 roles/dovecot/files/shared-mailboxes
 create mode 100644 roles/dovecot/files/shared-mailboxes-acl

diff --git a/roles/dovecot/files/shared-mailboxes b/roles/dovecot/files/shared-mailboxes
new file mode 100644
index 000000000..28d2ebe58
--- /dev/null
+++ b/roles/dovecot/files/shared-mailboxes
@@ -0,0 +1 @@
+mediation-team:::::::
diff --git a/roles/dovecot/files/shared-mailboxes-acl b/roles/dovecot/files/shared-mailboxes-acl
new file mode 100644
index 000000000..479101f97
--- /dev/null
+++ b/roles/dovecot/files/shared-mailboxes-acl
@@ -0,0 +1,3 @@
+denisse_mediation-team:::::/home/vmail/shared-mailboxes/mediation-team::user=denisse
+dvzrv_mediation-team:::::/home/vmail/shared-mailboxes/mediation-team::user=dvzrv
+morganamilo_mediation-team:::::/home/vmail/shared-mailboxes/mediation-team::user=morganamilo
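Review bot: Each entry states the member's name twice, once in the login name (`denisse_mediation-team`) and once in `user=denisse`, and nothing on these lines or elsewhere in the patch checks that the two agree. This file decides who may open the shared mailbox, and a mismatch between the two fields would tie one member's login name to a different account, so the layout deserves a header. If the passwd-file driver skips lines starting with `#` (the Dovecot documentation says so, but confirm on the deployed version), add `# <member>_<mailbox>:::::<mailbox home>::user=<member>  (both <member> values must be identical)`.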
diff --git a/roles/dovecot/tasks/main.yml b/roles/dovecot/tasks/main.yml
index 9ad91bbce..dfdea6665 100644
--- a/roles/dovecot/tasks/main.yml
+++ b/roles/dovecot/tasks/main.yml
@@ -13,6 +13,14 @@
   notify:
     - Reload dovecot
 
+- name: Install shared-mailboxes{,-acl}
+  copy: src={{ item }} dest=/etc/dovecot/ owner=root group=root mode=0644
+  loop:
+    - shared-mailboxes
+    - shared-mailboxes-acl
+  notify:
+    - Reload dovecot
+
 - name: Add vmail group
   group: name=vmail gid=5000
 
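Review bot: `mode=0644` on the new copy task leaves `/etc/dovecot/shared-mailboxes-acl` readable by every local account, which exposes the list of who can reach the mediation mailbox. The entries in this commit carry no password hashes, so today this discloses membership only, but the passwd-file format has a password field and a later edit could fill it. Consider restricting the file to the account the Dovecot auth process runs as, e.g. `owner=root group=<dovecot-auth-group> mode=0640`. The group name is a placeholder, because the service's user is not visible in this patch.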
diff --git a/roles/dovecot/templates/dovecot.conf.j2 b/roles/dovecot/templates/dovecot.conf.j2
index 4cc04689a..4f7de9086 100644
--- a/roles/dovecot/templates/dovecot.conf.j2
+++ b/roles/dovecot/templates/dovecot.conf.j2
@@ -33,6 +33,10 @@ namespace inbox {
 	}
 }
 
+passdb {
+	driver = passwd-file
+	args = /etc/dovecot/shared-mailboxes-acl
+}
 passdb {
 	driver = pam
 }
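Review bot: The new `passdb` block sits ahead of `pam` and reads a file whose entries all have an empty password field, yet nothing in the template says why such an entry cannot authenticate by itself. From the visible lines the intent appears to be that the passwd-file lookup only rewrites the login name through `user=`, and the password is still checked by the `pam` block that follows. That depends on Dovecot's default result handling for a failed passdb, which this patch does not set explicitly. A comment above the block would make the assumption reviewable, for example `# Maps <member>_<mailbox> to <member>; entries have no password, so verification must fall through to pam below`. It is also worth confirming on a test instance that a shared-mailbox login with a wrong or empty password is rejected.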
@@ -89,6 +93,18 @@ ssl_options = no_compression
 
 ssl_cipher_list = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
 
+userdb {
+	driver = passwd-file
+	args = /etc/dovecot/shared-mailboxes
+	# https://doc.dovecot.org/configuration_manual/config_file/config_variables/
+	override_fields = uid=vmail gid=vmail home=/home/vmail/shared-mailboxes/%n
+}
+userdb {
+	driver = passwd-file
+	args = username_format=%{original_username} /etc/dovecot/shared-mailboxes-acl
+	# https://doc.dovecot.org/configuration_manual/config_file/config_variables/
+	override_fields = uid=vmail gid=vmail mail=mdbox:~/.mdbox:INDEXPVT=~/indexes/%Ln
+}
 userdb {
 	driver = passwd
 	# https://doc.dovecot.org/configuration_manual/config_file/config_variables/
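Review bot: The two added `userdb` blocks repeat the same documentation link but do not say why two lookups are needed or what `INDEXPVT=~/indexes/%Ln` is for. As far as the hunk shows, the first block resolves the mailbox itself with `home=/home/vmail/shared-mailboxes/%n`. The second resolves a member's login by `%{original_username}` and takes the home from the path written on each line of `shared-mailboxes-acl`, so the mailbox location is defined in two places that must stay in step. I would add `# shared mailbox itself; home derived from the mailbox name` above the first block and `# member login; home comes from the ACL file, INDEXPVT keeps per-member index data under indexes/<member>` above the second, after confirming that `%Ln` expands to the member's own name at that point. The trailing `userdb { driver = passwd` block continues outside the hunk.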
-- 
GitLab