vps/roles/mailserver/templates/config.toml

authentication.fallback-admin.secret = "{{ mailserver_secrets['admin_secret'] }}"
authentication.fallback-admin.user = "{{ mailserver_secrets['admin_user'] }}"
cluster.node-id = 1
lookup.default.hostname = "mail.{{ domain }}"
lookup.default.domain = "{{ domain }}"


# Server settings
server.http.permissive-cors = false
server.http.url = "protocol + '://' + key_get('default', 'hostname') + ':' + local_port"
server.http.use-x-forwarded = true
server.max-connections = 8192
server.socket.backlog = 1024
server.socket.nodelay = true
server.socket.reuse-addr = true
server.socket.reuse-port = true


# Listeners
server.listener.https.bind = "[::]:443"
server.listener.https.protocol = "http"
server.listener.https.tls.implicit = true
server.listener.imaptls.bind = "[::]:993"
server.listener.imaptls.protocol = "imap"
server.listener.imaptls.tls.implicit = true
server.listener.smtp.bind = "[::]:25"
server.listener.smtp.protocol = "smtp"
server.listener.smtp.tls.implicit = false
server.listener.submissions.bind = "[::]:465"
server.listener.submissions.protocol = "smtp"
server.listener.submissions.tls.implicit = true


# Certificate settings
certificate."default".cert = "%{file:///etc/fullchain.pem}%"
certificate."default".default = true
certificate."default".private-key = "%{file:///etc/privkey.pem}%"


# Storage settings
storage.blob = "postgresql"
storage.data = "postgresql"
storage.directory = "ldap"
storage.fts = "postgresql"
storage.lookup = "postgresql"


# Directory settings
# Note: 'directory.ldap.attributes.secret' must not be defined 
# to correctly disable OAuth, if the LDAP server doesn't expose passwords hashes.
directory.ldap.attributes.class = "objectClass"
directory.ldap.attributes.description = "distinguishedName"
directory.ldap.attributes.email = "mail"
directory.ldap.attributes.email-alias = "mailAlias"
directory.ldap.attributes.groups = "memberOf"
directory.ldap.attributes.name = "uid"
directory.ldap.attributes.quota = "diskQuota"
directory.ldap.base-dn = "{{ ldap_base_dn }}"
directory.ldap.bind.auth.dn = "uid=?,ou=people,{{ ldap_base_dn }}"
directory.ldap.bind.auth.enable = true
directory.ldap.bind.dn = "{{ mailserver_secrets['ldap_user'] }}"
directory.ldap.bind.secret = "{{ mailserver_secrets['ldap_password'] }}"
directory.ldap.cache.entries = 500
directory.ldap.filter.domains = "(&(|(objectClass=posixAccount)(objectClass=posixGroup))(|(mail=*@?)(mailAlias=*@?)))"
directory.ldap.filter.email = "(&(|(objectClass=posixAccount)(objectClass=posixGroup))(|(mail=?)(mailAlias=?)(mailList=?))(mail=*@{{ domain }}))"
directory.ldap.filter.expand = "(&(|(objectClass=posixAccount)(objectClass=posixGroup))(mailList=?))"
directory.ldap.filter.name = "(&(|(objectClass=posixAccount)(objectClass=posixGroup))(uid=?))"
directory.ldap.filter.verify = "(&(|(objectClass=posixAccount)(objectClass=posixGroup))(|(mail=*?*)(mailAlias=*?*)))"
directory.ldap.tls.allow-invalid-certs = false
directory.ldap.tls.enable = false
directory.ldap.type = "ldap"
directory.ldap.url = "ldap://lldap:3890"


# Store settings
store.postgresql.compression = "lz4"
store.postgresql.database = "stalwart"
store.postgresql.host = "postgres.{{ domain }}"
store.postgresql.password = "{{ mailserver_secrets['postgres_password'] }}"
store.postgresql.port = "5432"
store.postgresql.purge.frequency = "0 3 *"
store.postgresql.tls.allow-invalid-certs = true
store.postgresql.tls.enable = true
store.postgresql.type = "postgresql"
store.postgresql.user = "{{ mailserver_secrets['postgres_user'] }}"


# Logs settings
tracer.stdout.ansi = true
tracer.stdout.enable = true
tracer.stdout.level = "info"
tracer.stdout.type = "stdout"
Update Stalwart mailserver to 0.7.3 from 0.6.0. 2024-05-02 22:49:00 +02:00			`authentication.fallback-admin.secret = "{{ mailserver_secrets['admin_secret'] }}"`
			`authentication.fallback-admin.user = "{{ mailserver_secrets['admin_user'] }}"`
			`cluster.node-id = 1`
			`lookup.default.hostname = "mail.{{ domain }}"`
Stalwart mailserver: Update config file. 2024-05-25 11:30:27 +02:00			`lookup.default.domain = "{{ domain }}"`
Update Stalwart mailserver to 0.7.3 from 0.6.0. 2024-05-02 22:49:00 +02:00

			`# Server settings`
			`server.http.permissive-cors = false`
			`server.http.url = "protocol + '://' + key_get('default', 'hostname') + ':' + local_port"`
			`server.http.use-x-forwarded = true`
			`server.max-connections = 8192`
			`server.socket.backlog = 1024`
			`server.socket.nodelay = true`
			`server.socket.reuse-addr = true`
			`server.socket.reuse-port = true`


			`# Listeners`
			`server.listener.https.bind = "[::]:443"`
			`server.listener.https.protocol = "http"`
			`server.listener.https.tls.implicit = true`
			`server.listener.imaptls.bind = "[::]:993"`
			`server.listener.imaptls.protocol = "imap"`
			`server.listener.imaptls.tls.implicit = true`
			`server.listener.smtp.bind = "[::]:25"`
			`server.listener.smtp.protocol = "smtp"`
			`server.listener.smtp.tls.implicit = false`
			`server.listener.submissions.bind = "[::]:465"`
			`server.listener.submissions.protocol = "smtp"`
			`server.listener.submissions.tls.implicit = true`


			`# Certificate settings`
			`certificate."default".cert = "%{file:///etc/fullchain.pem}%"`
			`certificate."default".default = true`
			`certificate."default".private-key = "%{file:///etc/privkey.pem}%"`


			`# Storage settings`
			`storage.blob = "postgresql"`
			`storage.data = "postgresql"`
			`storage.directory = "ldap"`
			`storage.fts = "postgresql"`
			`storage.lookup = "postgresql"`


			`# Directory settings`
			`# Note: 'directory.ldap.attributes.secret' must not be defined`
			`# to correctly disable OAuth, if the LDAP server doesn't expose passwords hashes.`
			`directory.ldap.attributes.class = "objectClass"`
			`directory.ldap.attributes.description = "distinguishedName"`
			`directory.ldap.attributes.email = "mail"`
			`directory.ldap.attributes.email-alias = "mailAlias"`
			`directory.ldap.attributes.groups = "memberOf"`
			`directory.ldap.attributes.name = "uid"`
			`directory.ldap.attributes.quota = "diskQuota"`
			`directory.ldap.base-dn = "{{ ldap_base_dn }}"`
			`directory.ldap.bind.auth.dn = "uid=?,ou=people,{{ ldap_base_dn }}"`
			`directory.ldap.bind.auth.enable = true`
			`directory.ldap.bind.dn = "{{ mailserver_secrets['ldap_user'] }}"`
			`directory.ldap.bind.secret = "{{ mailserver_secrets['ldap_password'] }}"`
			`directory.ldap.cache.entries = 500`
			`directory.ldap.filter.domains = "(&(\|(objectClass=posixAccount)(objectClass=posixGroup))(\|(mail=@?)(mailAlias=@?)))"`
			`directory.ldap.filter.email = "(&(\|(objectClass=posixAccount)(objectClass=posixGroup))(\|(mail=?)(mailAlias=?)(mailList=?))(mail=*@{{ domain }}))"`
			`directory.ldap.filter.expand = "(&(\|(objectClass=posixAccount)(objectClass=posixGroup))(mailList=?))"`
			`directory.ldap.filter.name = "(&(\|(objectClass=posixAccount)(objectClass=posixGroup))(uid=?))"`
			`directory.ldap.filter.verify = "(&(\|(objectClass=posixAccount)(objectClass=posixGroup))(\|(mail=?)(mailAlias=?)))"`
			`directory.ldap.tls.allow-invalid-certs = false`
			`directory.ldap.tls.enable = false`
			`directory.ldap.type = "ldap"`
			`directory.ldap.url = "ldap://lldap:3890"`


			`# Store settings`
			`store.postgresql.compression = "lz4"`
			`store.postgresql.database = "stalwart"`
			`store.postgresql.host = "postgres.{{ domain }}"`
			`store.postgresql.password = "{{ mailserver_secrets['postgres_password'] }}"`
			`store.postgresql.port = "5432"`
			`store.postgresql.purge.frequency = "0 3 *"`
			`store.postgresql.tls.allow-invalid-certs = true`
			`store.postgresql.tls.enable = true`
			`store.postgresql.type = "postgresql"`
			`store.postgresql.user = "{{ mailserver_secrets['postgres_user'] }}"`


			`# Logs settings`
			`tracer.stdout.ansi = true`
			`tracer.stdout.enable = true`
Stalwart mailserver: Update config file. 2024-05-25 11:30:27 +02:00			`tracer.stdout.level = "info"`
Update Stalwart mailserver to 0.7.3 from 0.6.0. 2024-05-02 22:49:00 +02:00			`tracer.stdout.type = "stdout"`