AnsibleRoles/ensure_dovecot
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Enable MySQL user accounts

Browse Source
This commit is contained in:
Jason Rothstein
2021-12-05 11:54:39 -06:00
parent f9fe1a6a14
commit 9b30664a41
4 changed files with 91 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

74
README.md
View File

@@ -6,12 +6,82 @@ A brief description of the role goes here.
Requirements
------------
Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
Create database for MySQL/MariaDB with :
```
CREATE DATABASE IF NOT EXISTS `mailserver` DEFAULT CHARACTER SET utf8mb4;
USE `mailserver`;
CREATE TABLE IF NOT EXISTS `virtual_domains` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`name` varchar(255) NOT NULL,
PRIMARY KEY (`id`)
) DEFAULT CHARSET=utf8mb4 CHECKSUM=1;
CREATE TABLE IF NOT EXISTS `virtual_aliases` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`domain_id` int(11) NOT NULL,
`source` varchar(255) NOT NULL,
`destination` varchar(255) NOT NULL,
PRIMARY KEY (`id`),
KEY `domain_id` (`domain_id`),
CONSTRAINT `virtual_aliases_ibfk_1` FOREIGN KEY (`domain_id`) REFERENCES `virtual_domains` (`id`) ON DELETE CASCADE
) DEFAULT CHARSET=utf8mb4 CHECKSUM=1;
CREATE TABLE IF NOT EXISTS `virtual_users` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`domain_id` int(11) NOT NULL,
`password` varchar(106) NOT NULL,
`email` varchar(255) NOT NULL,
PRIMARY KEY (`id`),
UNIQUE KEY `email` (`email`),
KEY `domain_id` (`domain_id`),
CONSTRAINT `virtual_users_ibfk_1` FOREIGN KEY (`domain_id`) REFERENCES `virtual_domains` (`id`) ON DELETE CASCADE
) DEFAULT CHARSET=utf8mb4 CHECKSUM=1;
```
Create an account to access MySQL/MariaDB with :
```
GRANT SELECT ON mailserver.* TO 'mailserver'@'%' IDENTIFIED BY 'changeme';
FLUSH PRIVLEGES;
```
New users created via the following SQL :
```
INSERT INTO `virtual_domains`
(`name`)
VALUES
('example.com');
SELECT *
FROM `virtual_domains`
WHERE `name`='example.com';
INSERT INTO `virtual_users`
(`domain_id`, `password`, `email`)
VALUES
('1', ENCRYPT('changeme', CONCAT('$6$', SUBSTRING(SHA(RAND()), -16))), 'webmaster@example.com');
```
In the above example, the MySQL/MariaDB ENCRYPT() function calls the OS crypt(3) function. The above uses a random 16 character SALT to encrypt, and selects the SHA-512 crypt method. Other available crypt methods are as follows :
| ID | Method |
| - | - |
| 1 | MD5 |
| 5 | SHA-256 (glibc >= 2.7) |
| 6 | SHA-512 (glibc >= 2.7) |
Role Variables
--------------
A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.
| Variable | Default | Description |
| - | - | - |
| dovecot_mysql_server | undefined | Server to connect to |
| dovecot_mysql_database | undefined | Database with MySQL to use |
| dovecot_mysql_username | undefined | Username with read only rights |
| dovecot_mysql_password | undefined | Password for read only user |
Dependencies
------------