Introduce TLS config

This commit is contained in:
Quentin 2024-01-23 16:22:17 +01:00
parent 5b78e13b1e
commit 78cf72dde2
Signed by: quentin
GPG key ID: E9602264D639FF68
2 changed files with 16 additions and 5 deletions

View file

@ -12,7 +12,7 @@ If you want a complete reference, check the dedicated [Configuration Reference](
role = "Provider" role = "Provider"
pid = "aerogramme.pid" pid = "aerogramme.pid"
[imap] [imap_unsecure]
bind_addr = "[::]:1143" bind_addr = "[::]:1143"
[lmtp] [lmtp]

View file

@ -34,8 +34,13 @@ The common part of the provider daemon configuration:
role = "Provider" role = "Provider"
pid = "/var/run/aerogramme.pid" pid = "/var/run/aerogramme.pid"
[imap_unsecure]
bind_addr="[::1]:143"
[imap] [imap]
bind_addr="[::]:143" bind_addr="[::]:993"
certs = "my-certs.pem"
key = "my-key.pem"
[lmtp] [lmtp]
bind_addr="[::1]:1025" bind_addr="[::1]:1025"
@ -51,13 +56,19 @@ sure people run Aerogramme in the intended mode.
🔑 `pid` - *Optional, Path (String)* - The path to the file where the daemon PID will be stored. It's required to use the `aerogramme provider reload` command. 🔑 `pid` - *Optional, Path (String)* - The path to the file where the daemon PID will be stored. It's required to use the `aerogramme provider reload` command.
🗃️ `imap` - *Optional* - The IMAP configuration block, if not set, the IMAP cleartext service is not started 🗃️ `imap_unsecure` - *Optional* - The cleartext IMAP configuration block, if not set, the IMAP cleartext service is not started. Be careful, it is dangerous to run IMAP without transport encryption.
🔑 `imap.bind_addr` - *Required, Socket (String)* - On which IP address and port the IMAP service must bind, can be IPv6 or IPv4 syntax. 🔑 `imap.bind_addr` - *Required, Socket (String)* - On which IP address and port the cleartext IMAP service must bind, can be IPv6 or IPv4 syntax. (Port 143 is reserved for this use).
🗃️ `imap` - *Optional* - The TLS IMAP configuration block, if not set, the IMAP TLS service is not started. This is the recommanded way to expose your IMAP service.
🔑 `imap.bind_addr` - *Required, Socket (String)* - On which IP address and port the IMAP service must bind, can be IPv6 or IPv4 syntax. (Port 993 is reserved for this use).
🔑 `imap.certs` - *Required, Path (String)* - A path to the PEM encoded certificate list
🔑 `imap.key` - *Required, Path (String)* - A path to the PEM encoded private key
🗃️ `lmtp` - *Optional* - The LMTP configuration block, if not set, the LMTP service is not started 🗃️ `lmtp` - *Optional* - The LMTP configuration block, if not set, the LMTP service is not started
🔑 `lmtp.bind_addr` - *Required, Socket (String)* - On which IP address and port the LMTP service must bind, can be IPv6 or IPv4 syntax. 🔑 `lmtp.bind_addr` - *Required, Socket (String)* - On which IP address and port the LMTP service must bind, can be IPv6 or IPv4 syntax.
🗃️ `users` - *Required* - How users must be handled 🗃️ `users` - *Required* - How users must be handled
🔑 `user_driver` - *Required, Enum (String)* - Define which user driver must be used, the rest of the configuration depends on it. Valid values are: `Ldap` and `Static`. 🔑 `user_driver` - *Required, Enum (String)* - Define which user driver must be used, the rest of the configuration depends on it. Valid values are: `Ldap` and `Static`.
### LDAP user_driver ### LDAP user_driver