mirrors/maddy
1
0
Fork 0
mirror of https://github.com/foxcpp/maddy.git synced 2025-04-04 05:37:34 +03:00
Code Issues Projects Releases Packages Wiki Activity
maddy/dist
History
fox.cpp 1b2b101f8e
dist: Remove DynamicUser from systemd units 
It is only a good thing to use for simple stateless daemons.  It is
possible to use StateDirectory to store state, but it is extremely
limited. Notably, only service processes and root can correctly access
the state directory. This makes up for a bad practice to run maddyctl as
root what in turn screws up permissions on files in messages directory
when imap-* subcommands are used.

Migration note: Users of systemd unit with DynamicUser enabled should
move /var/lib/private/maddy to /var/lib/maddy before starting maddy
after update.
2020-01-03 02:08:50 +03:00
..
fail2ban dist: Fix-up a4a95bc, rename block and filter reference as well 2019-11-19 18:13:19 +03:00
integration dist: Pass {auth_user} to rspamc 2019-12-02 19:35:50 +03:00
logrotate.d dist: Add logrotate configuration 2019-09-19 19:59:59 +03:00
scripts dist: Pass {auth_user} to rspamc 2019-12-02 19:35:50 +03:00
systemd dist: Remove DynamicUser from systemd units 2020-01-03 02:08:50 +03:00
vim dist: Regenerate lists in vim/syntax/maddy-conf.vim 2019-12-13 21:11:03 +03:00
install.sh Install integration scripts to libexec directory (/usr/lib/maddy) 2019-12-02 19:35:50 +03:00
README.md dist: Remove DynamicUser from systemd units 2020-01-03 02:08:50 +03:00

README.md

Distribution files for maddy

Disclaimer: Most of the files here are maintained in a "best-effort" way. That is, they may break or become outdated from time to time. Caveat emptor.

integration + scripts

These directories provide pre-made configuration snippets suitable for easy integration with external software.

Usually, this is what you use when you put import integration/something in your config.

systemd unit

maddy.service launches using default config path (/etc/maddy/maddy.conf). maddy@.service launches maddy using custom config path. E.g. maddy@foo.service will use /etc/maddy/foo.conf.

Additionally, unit files apply strict sandboxing, limiting maddy permissions on the system to a bare minimum. Subset of these options makes it impossible for privileged authentication helper binaries to gain required permissions, so you may have to disable it when using system account-based authentication with maddy running as a unprivilieged user.

fail2ban configuration

Configuration files for use with fail2ban. Assume either backend = systemd specified in system-wide configuration or log file written to /var/log/maddy/maddy.log.

See https://github.com/foxcpp/maddy/wiki/fail2ban-configuration for details.

logrotate configuration

Meant for logs rotation when logging to file is used.

vim ftdetect/ftplugin/syntax files

Minimal supplement to make configuration files more readable and help you see typos in directive names.