From a902e12c56fe3dd78eb22c29c72e73284238ea86 Mon Sep 17 00:00:00 2001
From: Thomas Picouet <thomas.picouet@riseup.net>
Date: Sun, 28 Oct 2018 17:12:29 +0100
Subject: [PATCH] =?UTF-8?q?r=C3=A9ception=20du=20mail=20ok=20(ajout=20d'un?=
 =?UTF-8?q?e=20valeur=20par=20d=C3=A9faut=20de=20'domaine')?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 pica-mail-mda/auth_plaintext/Dockerfile       |   5 +-
 .../auth_plaintext/{ => conf.d}/10-auth.conf  |   0
 .../auth_plaintext/conf.d/10-master.conf      | 133 ++++++++++++++++++
 .../conf.d/auth-passwdfile.conf.ext           |  26 ++++
 4 files changed, 162 insertions(+), 2 deletions(-)
 rename pica-mail-mda/auth_plaintext/{ => conf.d}/10-auth.conf (100%)
 create mode 100644 pica-mail-mda/auth_plaintext/conf.d/10-master.conf
 create mode 100644 pica-mail-mda/auth_plaintext/conf.d/auth-passwdfile.conf.ext

diff --git a/pica-mail-mda/auth_plaintext/Dockerfile b/pica-mail-mda/auth_plaintext/Dockerfile
index 4c617f34..0a92a99f 100644
--- a/pica-mail-mda/auth_plaintext/Dockerfile
+++ b/pica-mail-mda/auth_plaintext/Dockerfile
@@ -14,8 +14,9 @@ RUN apt-get update -y \
 
 #configuration de dovecot
 
-COPY ./10-master.conf /etc/dovecot/conf.d/10-master.conf
-COPY ./10-auth.conf /etc/dovecot/conf.d/10-auth.conf
+COPY ./conf.d/10-master.conf /etc/dovecot/conf.d/10-master.conf
+COPY ./conf.d/10-auth.conf /etc/dovecot/conf.d/10-auth.conf
+COPY ./conf.d/auth-passwdfile.conf.ext /etc/dovecot/conf.d/auth-passwdfile.conf.ext
 COPY entrypoint.sh /
 
 ENTRYPOINT ["/entrypoint.sh"]
diff --git a/pica-mail-mda/auth_plaintext/10-auth.conf b/pica-mail-mda/auth_plaintext/conf.d/10-auth.conf
similarity index 100%
rename from pica-mail-mda/auth_plaintext/10-auth.conf
rename to pica-mail-mda/auth_plaintext/conf.d/10-auth.conf
diff --git a/pica-mail-mda/auth_plaintext/conf.d/10-master.conf b/pica-mail-mda/auth_plaintext/conf.d/10-master.conf
new file mode 100644
index 00000000..02ef0ba8
--- /dev/null
+++ b/pica-mail-mda/auth_plaintext/conf.d/10-master.conf
@@ -0,0 +1,133 @@
+#dovecot 10-master.conf default file modified in order to allow lmtp connections via tcp/ip
+#all Pica alterations are commented with a #pica label
+
+#default_process_limit = 100
+#default_client_limit = 1000
+
+# Default VSZ (virtual memory size) limit for service processes. This is mainly
+# intended to catch and kill processes that leak memory before they eat up
+# everything.
+#default_vsz_limit = 256M
+
+# Login user is internally used by login processes. This is the most untrusted
+# user in Dovecot system. It shouldn't have access to anything at all.
+#default_login_user = dovenull
+
+# Internal user is used by unprivileged processes. It should be separate from
+# login user, so that login processes can't disturb other processes.
+#default_internal_user = dovecot
+
+service imap-login {
+  inet_listener imap {
+    #port = 143
+  }
+  inet_listener imaps {
+    #port = 993
+    #ssl = yes
+  }
+
+  # Number of connections to handle before starting a new process. Typically
+  # the only useful values are 0 (unlimited) or 1. 1 is more secure, but 0
+  # is faster. <doc/wiki/LoginProcess.txt>
+  #service_count = 1
+
+  # Number of processes to always keep waiting for more connections.
+  #process_min_avail = 0
+
+  # If you set service_count=0, you probably need to grow this.
+  #vsz_limit = $default_vsz_limit
+}
+
+service pop3-login {
+  inet_listener pop3 {
+    #port = 110
+  }
+  inet_listener pop3s {
+    #port = 995
+    #ssl = yes
+  }
+}
+
+#pica
+#service lmtp {
+#  unix_listener lmtp {
+#    #mode = 0666
+#  }
+#
+#  # Create inet listener only if you can't use the above UNIX socket
+#  #inet_listener lmtp {
+#    # Avoid making LMTP visible for the entire internet
+#    #address =
+#    #port =
+#  #}
+#}
+
+#pica: lmtp (local delivery agent) via tcp, in order to allow connections from hosts on local network (i.e. VMs on Alice & Bob)
+#a config block like this will be added at compilation:
+#service lmtp {
+#  inet_listener lmtp {
+#    address = 192.168.0.24 127.0.0.1 ::1
+#    port = 24
+#  }
+#}
+
+service imap {
+  # Most of the memory goes to mmap()ing files. You may need to increase this
+  # limit if you have huge mailboxes.
+  #vsz_limit = $default_vsz_limit
+
+  # Max. number of IMAP processes (connections)
+  #process_limit = 1024
+}
+
+#pica : no pop
+#service pop3 {
+#  # Max. number of POP3 processes (connections)
+#  #process_limit = 1024
+#}
+
+service auth {
+  # auth_socket_path points to this userdb socket by default. It's typically
+  # used by dovecot-lda, doveadm, possibly imap process, etc. Users that have
+  # full permissions to this socket are able to get a list of all usernames and
+  # get the results of everyone's userdb lookups.
+  #
+  # The default 0666 mode allows anyone to connect to the socket, but the
+  # userdb lookups will succeed only if the userdb returns an "uid" field that
+  # matches the caller process's UID. Also if caller's uid or gid matches the
+  # socket's uid or gid the lookup succeeds. Anything else causes a failure.
+  #
+  # To give the caller full permissions to lookup all users, set the mode to
+  # something else than 0666 and Dovecot lets the kernel enforce the
+  # permissions (e.g. 0777 allows everyone full permissions).
+  unix_listener auth-userdb {
+    #mode = 0666
+    #user =
+    #group =
+  }
+
+  # Postfix smtp-auth
+  #unix_listener /var/spool/postfix/private/auth {
+  #  mode = 0666
+  #}
+
+  # Auth process is run as this user.
+  #user = $default_internal_user
+}
+
+service auth-worker {
+  # Auth worker process is run as root by default, so that it can access
+  # /etc/shadow. If this isn't necessary, the user should be changed to
+  # $default_internal_user.
+  #user = root
+}
+
+service dict {
+  # If dict proxy is used, mail processes should have access to its socket.
+  # For example: mode=0660, group=vmail and global mail_access_groups=vmail
+  unix_listener dict {
+    #mode = 0600
+    #user =
+    #group =
+  }
+}
diff --git a/pica-mail-mda/auth_plaintext/conf.d/auth-passwdfile.conf.ext b/pica-mail-mda/auth_plaintext/conf.d/auth-passwdfile.conf.ext
new file mode 100644
index 00000000..c14db30d
--- /dev/null
+++ b/pica-mail-mda/auth_plaintext/conf.d/auth-passwdfile.conf.ext
@@ -0,0 +1,26 @@
+#dovecot auth-passwdfile.conf.ext default file modified in order to associate a domain name to users (picasoft)
+#all Pica alterations are commented with a #/!\pica label
+
+# Authentication for passwd-file users. Included from 10-auth.conf.
+#
+# passwd-like file with specified location.
+# <doc/wiki/AuthDatabase.PasswdFile.txt>
+
+passdb {
+  driver = passwd-file
+  args = scheme=CRYPT username_format=%u /etc/dovecot/users
+}
+
+userdb {
+  driver = passwd-file
+  args = username_format=%n /etc/dovecot/users
+
+  # Default fields that can be overridden by passwd-file
+  #default_fields = quota_rule=*:storage=1G
+#/!\pica ajout d'une valeur par défaut pour le champ "domaine"
+  default_fields = domaine=picasoft
+
+  # Override fields from passwd-file
+  #override_fields = home=/home/virtual/%u
+}
+
-- 
GitLab