[enh] Dovecot and postgrey regen conf script

data/hooks/conf_regen/22-postgrey

@@ -0,0 +1,23 @@
+#!/bin/bash
+set -e 
+
+force=$1
+
+function safe_copy () {
+    if [[ "$force" == "True" ]]; then
+        sudo yunohost service safecopy \
+          -s postgrey \
+          $1 $2 \
+          --force
+    else
+        sudo yunohost service safecopy \
+          -s postgrey \
+          $1 $2
+    fi
+}
+
+cd /usr/share/yunohost/templates/postgrey
+
+if [[ "$(safe_copy postgrey.default /etc/default/postgrey)" == "True" ]]; then
+    sudo service nslcd restart
+fi

data/hooks/conf_regen/25-dovecot

@@ -0,0 +1,52 @@
+#!/bin/bash
+set -e 
+
+force=$1
+
+function safe_copy () {
+    if [[ "$force" == "True" ]]; then
+        sudo yunohost service safecopy \
+          -s dovecot $1 $2 --force
+    else
+        sudo yunohost service safecopy \
+          -s dovecot $1 $2
+    fi
+}
+
+cd /usr/share/yunohost/templates/dovecot
+
+# Create vmail user
+sudo id vmail > /dev/null 2>&1 \
+  || sudo adduser --system --ingroup mail --uid 500 vmail
+
+
+# Replace main domain in the main configuration file
+main_domain=$(cat /etc/yunohost/current_host)
+cat dovecot.conf.sed \
+  | sed "s/{{ main_domain }}/$main_domain/g" \
+  | sudo tee dovecot.conf
+
+
+# Handle IPv4 only systems
+if [ ! -f /proc/net/if_inet6 ];
+then
+  sudo sed -i 's/^listen.*/listen = \*/' dovecot.conf
+fi
+
+
+safe_copy dovecot.conf /etc/dovecot/dovecot.conf
+safe_copy dovecot-ldap.conf /etc/dovecot/dovecot-ldap.conf
+
+
+# Setup Sieve
+sudo rm -rf /etc/dovecot/global_script
+sudo mkdir -p -m 0770 /etc/dovecot/global_script
+safe_copy sa-learn-pipe.sh /usr/bin/sa-learn-pipe.sh
+sudo chmod 755 /usr/bin/sa-learn-pipe.sh
+safe_copy dovecot.sieve /etc/dovecot/global_script/dovecot.sieve
+sudo chmod 660 /etc/dovecot/global_script/dovecot.sieve
+sudo sievec /etc/dovecot/global_script/dovecot.sieve
+sudo chmod 660 /etc/dovecot/global_script/dovecot.svbin
+
+
+service dovecot reload

data/templates/dovecot/dovecot-ipv4.conf.j2

@@ -1,71 +0,0 @@
-# 2.1.7: /etc/dovecot/dovecot.conf
-# OS: Linux 3.2.0-3-686-pae i686 Debian wheezy/sid ext4
-listen = *
-auth_mechanisms = plain login
-login_greeting = Dovecot ready!!
-mail_gid = 8
-mail_home = /var/mail/%n
-mail_location = maildir:/var/mail/%n
-mail_uid = 500
-passdb {
-  args = /etc/dovecot/dovecot-ldap.conf
-  driver = ldap
-}
-protocols = imap sieve
-service auth {
-  unix_listener /var/spool/postfix/private/auth {
-    group = postfix
-    mode = 0660
-    user = postfix
-  }
-  unix_listener auth-master {
-    group = mail
-    mode = 0660
-    user = vmail
-  }
-}
-
-protocol sieve {
-}
-
-ssl_ca = </etc/ssl/certs/ca-yunohost_crt.pem
-ssl_cert = </etc/ssl/certs/yunohost_crt.pem
-ssl_key = </etc/ssl/private/yunohost_key.pem
-userdb {
-  args = /etc/dovecot/dovecot-ldap.conf
-  driver = ldap
-}
-protocol imap {
-  imap_client_workarounds =
-  mail_plugins = $mail_plugins antispam autocreate
-}
-protocol lda {
-  auth_socket_path = /var/run/dovecot/auth-master
-  mail_plugins = sieve
-  postmaster_address = postmaster@{{ domain }}
-}
-
-plugin {
-  sieve = /var/mail/sievescript/%n/.dovecot.sieve
-  sieve_dir = /var/mail/sievescript/%n/scripts/
-  sieve_before = /etc/dovecot/global_script/
-}
-
-plugin {
-  antispam_debug_target = syslog
-  antispam_verbose_debug = 0
-  antispam_backend = pipe
-  antispam_trash = Trash
-  antispam_spam = SPAM;Junk
-  antispam_allow_append_to_spam = no
-  antispam_pipe_program = /usr/bin/sa-learn-pipe.sh
-  antispam_pipe_program_spam_arg = --spam
-  antispam_pipe_program_notspam_arg = --ham
-}
-
-plugin {
-  autocreate = Trash
-  autocreate2 = Junk
-  autosubscribe = Trash
-  autosubscribe2 = Junk
-}

data/templates/dovecot/dovecot-ldap.conf

@@ -2,7 +2,7 @@ hosts = 127.0.0.1
 auth_bind = yes
 ldap_version = 3
 base = ou=users,dc=yunohost,dc=org
-user_attrs = uidNumber=500,gidNumber=8
+user_attrs = uidNumber=500,gidNumber=8,mailuserquota=quota_rule=*:bytes=%$
 user_filter = (&(objectClass=inetOrgPerson)(uid=%n))
 pass_filter = (&(objectClass=inetOrgPerson)(uid=%n))
 default_pass_scheme = SSHA

data/templates/dovecot/dovecot.conf.sed

@@ -12,6 +12,7 @@ passdb {
   driver = ldap
 }
 protocols = imap sieve
+mail_plugins = $mail_plugins quota
 service auth {
   unix_listener /var/spool/postfix/private/auth {
     group = postfix
@@ -31,18 +32,19 @@ protocol sieve {
 ssl_ca = </etc/ssl/certs/ca-yunohost_crt.pem
 ssl_cert = </etc/ssl/certs/yunohost_crt.pem
 ssl_key = </etc/ssl/private/yunohost_key.pem
+ssl_protocols = !SSLv2 !SSLv3
 userdb {
   args = /etc/dovecot/dovecot-ldap.conf
   driver = ldap
 }
 protocol imap {
   imap_client_workarounds =
-  mail_plugins = $mail_plugins antispam autocreate
+  mail_plugins = $mail_plugins imap_quota antispam autocreate
 }
 protocol lda {
   auth_socket_path = /var/run/dovecot/auth-master
-  mail_plugins = sieve
+  mail_plugins = quota sieve
-  postmaster_address = postmaster@{{ domain }}
+  postmaster_address = postmaster@{{ main_domain }}
 }
 
 plugin {
@@ -69,3 +71,22 @@ plugin {
   autosubscribe = Trash
   autosubscribe2 = Junk
 }
+
+plugin {
+  quota = maildir:User quota
+  quota_rule2 = SPAM:ignore
+  quota_rule3 = Trash:ignore
+}
+
+plugin {
+  quota_warning = storage=95%% quota-warning 95 %u
+  quota_warning2 = storage=80%% quota-warning 80 %u
+  quota_warning3 = -storage=100%% quota-warning below %u # user is no longer over quota
+}
+
+service quota-warning {
+  executable = script /usr/bin/quota-warning.sh
+  user = vmail
+  unix_listener quota-warning {
+  }
+}

data/templates/postfix/master.cf

@@ -9,10 +9,10 @@
 #               (yes)   (yes)   (yes)   (never) (100)
 # ==========================================================================
 smtp      inet  n       -       -       -       -       smtpd
-#submission inet n       -       -       -       -       smtpd
+submission inet n       -       -       -       -       smtpd
-#  -o smtpd_tls_security_level=encrypt
+  -o smtpd_tls_security_level=encrypt
-#  -o smtpd_sasl_auth_enable=yes
+  -o smtpd_sasl_auth_enable=yes
-#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
+  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
 #  -o milter_macro_daemon_name=ORIGINATING
 smtps     inet  n       -       -       -       -       smtpd
   -o header_checks=pcre:/etc/postfix/header_checks