---
# Default configurations
# I populate these from external configs; I indicate what they are as inline comments

domain: "{{ blsedomains_admindomain }}" # Base domain name
postmaster: "root@{{ blsedomains_rootdomain }}" # Postmaster email address

# Roundcube
smtp_host: "{{ blsecluster_smtphost }}" # The hostname for SMTP access, usually the public name of your mail server
support_url: "https://www.{{ blsedomains_webdomain }}" # Some website address for Roundcube support
logo_filename: "bl-logo-roundcube.png" # The Roundcube logo under files/
roundcube_deskey: "{{ passwd_roundcube_deskey }}" # The Roundcube DES key

# Postfix
banner_hostname: "{{ ansible_hostname }}.{{ domain }}" # Public hostname of *this* mail host
myhostname: "{{ banner_hostname }}" # Hostname for Postfix myhostame
mydomain: "{{ domain }}" # Domain for Postfix mydomain
mynetworks: "{{ blsecluster_remote1v4 }} {{ blsecluster_remote2v4 }} {{ blsecluster_remote3v4 }} {{ blsecluster_hostsubnetv4 }}" # IP addresses for Postfix mynetworks

# Dovecot
# Note: SSL listeners aren't provided; HAProxy is expected to do SSL termination for us
trusted_networks: "{{ blsecluster_hostsubnetv4 }} {{ blsecluster_hostsubnetv6 }}" # Trusted network ranges for Dovecot
haproxy: yes # Enable HAProxy-specific (Proxy protocol) listeners on ports 10143 and 10110

# LDAP integration (Postfix, Dovecot, Roundcube)
ldap_host: "{{ blsecluster_ldaphost }}" # The hostname for LDAP access
ldap_port: 389 # The LDAP port (always non-SSL)
ldap_basedn: "o=domains,dc=bonilan,dc=net" # The LDAP base DN
ldap_bind_username: "{{ username_ldap_admin }}" # The LDAP bind user name (usually cn=admin)
ldap_bind_password: "{{ passwd_ldap_admin }}" # The LDAP bind user password

# MySQL integration (Roundcube)
mysql_host: "{{ blsecluster_sqlhost }}" # The hostname for MySQL access
mysql_port: "{{ mysql_client['mail'].port }}" # The port for MySQL access
mysql_database: "{{ mysql_client['mail'].database }}" # The database name
mysql_username: "{{ mysql_client['mail'].username }}" # The database user
mysql_password: "{{ mysql_client['mail'].passwd }}" # The database password