dovecot: also generate DANE reocrds for non-encrypted protocols

- Generate imap and pop3 DANE records, on ports 143 and 110 resp. To update your server, run the following playbook: --- ROLE=dovecot apb -i ../config/hosts.yml -v -t facts,scripts install.yml ---
progmaticltd · Mar 24, 2024 · 01c8176 · 01c8176
1 parent d8713bf
commit 01c8176
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 0 deletions.
diff --git a/roles/dovecot/files/scripts/renew-cert-imap.sh b/roles/dovecot/files/scripts/renew-cert-imap.sh
@@ -49,6 +49,7 @@ if [ $server_until_epoch -lt $file_until_epoch ]; then
         echo "Not live"
     elif [ "$action" = "activate" ]; then
         /usr/local/sbin/dane-set-record imap 993
+        /usr/local/sbin/dane-set-record imap 143
         systemctl restart dovecot
     fi
 elif [ "$action" = "status" ]; then

diff --git a/roles/dovecot/files/scripts/renew-cert-pop3.sh b/roles/dovecot/files/scripts/renew-cert-pop3.sh
@@ -48,6 +48,7 @@ if [ $server_until_epoch -lt $file_until_epoch ]; then
     if [ "$action" = "status" ]; then
         echo "Not live"
     elif [ "$action" = "activate" ]; then
+        /usr/local/sbin/dane-set-record pop3 110
         /usr/local/sbin/dane-set-record pop3 995
         systemctl restart dovecot
     fi