fix cyrus backup

suhancz · Apr 24, 2024 · 8afd755 · 8afd755
1 parent b9a047c
commit 8afd755
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 7 deletions.
diff --git a/TODO.md b/TODO.md
@@ -2,7 +2,6 @@
 
 List of things not implemented yet, but planned
 
-* create not-yet-exising-in-OS users in LDAP
 * if possible, configure `adduser` and so to work on LDAP
 * authenticate Apache admin sites via LDAP
 * confirm if PostfixAdmin is needed at all

diff --git a/tasks/backups.yml b/tasks/backups.yml
@@ -37,8 +37,7 @@
     - { name: "opendkim", paths: ["/etc/opendkim", "/etc/opendkim.conf"], service: True }
     - { name: "opendmarc", paths: ["/etc/opendmarc", "/etc/opendmarc.conf"], service: True }
     - { name: "kolab", paths: ["/etc/kolab"] }
-    - { name: "cyrus-imap", paths: ["/etc/imap"] }
-    - { name: "cyrus-imap", paths: ["/etc/cyrus-imap"], service: True }
+    - { name: "cyrus-imap", paths: ["/etc/imap", "/etc/cyrus-imap"], service: True }
     # - { name: "postfix", paths: ["/etc/postfix", "/etc/mail/postfixadmin", "/var/vmail"], service: True }
     - { name: "postfix", paths: ["/etc/postfix", "/var/vmail"], service: True }
     - { name: "ssl", paths: ["/etc/letsencrypt"] }
@@ -114,7 +113,7 @@
     - wg_vpn
 - name: Restore backups
   tags: restore
-  when: mariadb_backup_path is defined or ldap_backup_path is defined or opendkim_backup_path is defined or opendmarc_backup_path is defined or vsftpd_backup_path is defined or ssl_backup_path is defined or kolab_backup_path is defined or cyrus-imap_backup_path is defined or postfix_backup_path is defined or pdns_backup_path is defined or wg_vpn_backup_path is defined
+  when: mariadb_backup_path is defined or ldap_backup_path is defined or opendkim_backup_path is defined or opendmarc_backup_path is defined or vsftpd_backup_path is defined or ssl_backup_path is defined or kolab_backup_path is defined or imap_backup_path is defined or postfix_backup_path is defined or pdns_backup_path is defined or wg_vpn_backup_path is defined
   block:
     - name: Prepare MariaDB backup
       when: mariadb_backup_path is defined
@@ -183,6 +182,11 @@
       # ansible.builtin.command: "dsctl {{ mailserver_hostname }} start"
       register: start_ldap_server
       changed_when: start_ldap_server.rc == 0
+    - name: Restore service tarball backups
+      ansible.builtin.include_tasks: restore_service_tarball_backup.yml
+      vars:
+        service: cyrus-imap
+        service_backup_path: "{{ imap_backup_path }}"
     - name: Restore service tarball backups
       ansible.builtin.include_tasks: restore_service_tarball_backup.yml
       vars:
@@ -194,7 +198,6 @@
         - opendmarc
         - vsftpd
         - kolab
-        - cyrus-imap
         - postfix
         - pdns
         - wg_vpn

diff --git a/templates/ldap/fix_domain_aci.ldif.j2 b/templates/ldap/fix_domain_aci.ldif.j2
@@ -1,4 +1,4 @@
-dn: cn=kolab,cn=config
+dn: associateddomain={{ mailserver_domain }},cn=kolab,cn=config
 changetype: modify
 add: aci
-aci: (targetattr = "*") (version 3.0;acl "Admin Access for {{ users | selectattr('name', 'equalto', mailserver_admin_user) | map(attribute='name') | first}} at {{ mailserver_domain }}";allow (all)(userdn = "ldap:///uid={{ users | selectattr('name', 'equalto', mailserver_admin_user) | map(attribute='name') | first}},dc={{ mailserver_domain | split('.') | join(',dc=') }}");)
+aci: (targetattr = "*") (version 3.0;acl "Admin Access for {{ users | selectattr('name', 'equalto', mailserver_admin_user) | map(attribute='name') | first}} at {{ mailserver_domain }}";allow (all)(userdn = "ldap:///uid={{ users | selectattr('name', 'equalto', mailserver_admin_user) | map(attribute='name') | first}},ou=people,dc={{ mailserver_domain | split('.') | join(',dc=') }}");)