LogoKolab Groupware OBS > Projects
Log In

View File plesk.sys.config of Package guam (Project home:sicherha:branches:Kolab:16)

%% Example configuration for Guam.
[
    {
        kolab_guam, [
            {
                imap_servers, [
                    {
                        imap, [
                            { host, "127.0.0.1" },
                            { port, 9143 },
                            { tls, no }
                        ]
                    },
                    {
                        imaps, [
                            { host, "127.0.0.1" },
                            { port, 9993 },
                            { tls, true }
                        ]
                    }
                ]
            },
            {
                listeners, [
                    {
                        imap, [
                            { port, 143 },
                            { imap_server, imap },
                            {
                                rules, [
                                    { filter_groupware, [] }
                                ]
                            },
                            {
                                tls_config, [
                                    { certfile, "/etc/dovecot/private/dovecot.pem" },
                                    { cacertfile, "/etc/dovecot/private/dovecot.pem" },
                                    { dhfile, "/etc/guam/dh_2048.pem" },
                                    { verify, verify_none },
                                    { versions, [ 'tlsv1.2', 'tlsv1.1', tlsv1] },
                                    { fail_if_no_peer_cert, false },
                                    { honor_cipher_order, true },
                                    { ciphers, [
                                                    "ECDHE-ECDSA-AES256-GCM-SHA384",
                                                    "ECDHE-RSA-AES256-GCM-SHA384",
                                                    "ECDHE-ECDSA-AES256-SHA384",
                                                    "ECDHE-RSA-AES256-SHA384",
                                                    "ECDHE-ECDSA-DES-CBC3-SHA",
                                                    "ECDH-ECDSA-AES256-GCM-SHA384",
                                                    "ECDH-RSA-AES256-GCM-SHA384",
                                                    "ECDH-ECDSA-AES256-SHA384",
                                                    "ECDH-RSA-AES256-SHA384",
                                                    "DHE-DSS-AES256-GCM-SHA384",
                                                    "DHE-DSS-AES256-SHA256",
                                                    "AES256-GCM-SHA384",
                                                    "AES256-SHA256",
                                                    "ECDHE-ECDSA-AES128-GCM-SHA256",
                                                    "ECDHE-RSA-AES128-GCM-SHA256",
                                                    "ECDHE-ECDSA-AES128-SHA256",
                                                    "ECDHE-RSA-AES128-SHA256",
                                                    "ECDH-ECDSA-AES128-GCM-SHA256",
                                                    "ECDH-RSA-AES128-GCM-SHA256",
                                                    "ECDH-ECDSA-AES128-SHA256",
                                                    "ECDH-RSA-AES128-SHA256",
                                                    "DHE-DSS-AES128-GCM-SHA256",
                                                    "DHE-DSS-AES128-SHA256",
                                                    "AES128-GCM-SHA256",
                                                    "AES128-SHA256",
                                                    "ECDHE-ECDSA-AES256-SHA",
                                                    "ECDHE-RSA-AES256-SHA",
                                                    "DHE-DSS-AES256-SHA",
                                                    "ECDH-ECDSA-AES256-SHA",
                                                    "ECDH-RSA-AES256-SHA",
                                                    "AES256-SHA",
                                                    "ECDHE-ECDSA-AES128-SHA",
                                                    "ECDHE-RSA-AES128-SHA",
                                                    "DHE-DSS-AES128-SHA",
                                                    "ECDH-ECDSA-AES128-SHA",
                                                    "ECDH-RSA-AES128-SHA",
                                                    "AES128-SHA"
                                                ]
                                        },
                                    { client_renegotiation, false },
                                    { secure_renegotiate, true }
                                ]
                            }
                        ]
                    },
                    {
                        imaps, [
                            { port, 993 },
                            { implicit_tls, true },
                            { imap_server, imaps },
                            {
                                rules, [
                                    { filter_groupware, [] }
                                ]
                            },
                            {
                                tls_config, [
                                    { certfile, "/etc/dovecot/private/dovecot.pem" },
                                    { cacertfile, "/etc/dovecot/private/dovecot.pem" },
                                    { dhfile, "/etc/guam/dh_2048.pem" },
                                    { verify, verify_none },
                                    { versions, [ 'tlsv1.2', 'tlsv1.1', tlsv1] },
                                    { fail_if_no_peer_cert, false },
                                    { honor_cipher_order, true },
                                    { ciphers, [
                                                    "ECDHE-ECDSA-AES256-GCM-SHA384",
                                                    "ECDHE-RSA-AES256-GCM-SHA384",
                                                    "ECDHE-ECDSA-AES256-SHA384",
                                                    "ECDHE-RSA-AES256-SHA384",
                                                    "ECDHE-ECDSA-DES-CBC3-SHA",
                                                    "ECDH-ECDSA-AES256-GCM-SHA384",
                                                    "ECDH-RSA-AES256-GCM-SHA384",
                                                    "ECDH-ECDSA-AES256-SHA384",
                                                    "ECDH-RSA-AES256-SHA384",
                                                    "DHE-DSS-AES256-GCM-SHA384",
                                                    "DHE-DSS-AES256-SHA256",
                                                    "AES256-GCM-SHA384",
                                                    "AES256-SHA256",
                                                    "ECDHE-ECDSA-AES128-GCM-SHA256",
                                                    "ECDHE-RSA-AES128-GCM-SHA256",
                                                    "ECDHE-ECDSA-AES128-SHA256",
                                                    "ECDHE-RSA-AES128-SHA256",
                                                    "ECDH-ECDSA-AES128-GCM-SHA256",
                                                    "ECDH-RSA-AES128-GCM-SHA256",
                                                    "ECDH-ECDSA-AES128-SHA256",
                                                    "ECDH-RSA-AES128-SHA256",
                                                    "DHE-DSS-AES128-GCM-SHA256",
                                                    "DHE-DSS-AES128-SHA256",
                                                    "AES128-GCM-SHA256",
                                                    "AES128-SHA256",
                                                    "ECDHE-ECDSA-AES256-SHA",
                                                    "ECDHE-RSA-AES256-SHA",
                                                    "DHE-DSS-AES256-SHA",
                                                    "ECDH-ECDSA-AES256-SHA",
                                                    "ECDH-RSA-AES256-SHA",
                                                    "AES256-SHA",
                                                    "ECDHE-ECDSA-AES128-SHA",
                                                    "ECDHE-RSA-AES128-SHA",
                                                    "DHE-DSS-AES128-SHA",
                                                    "ECDH-ECDSA-AES128-SHA",
                                                    "ECDH-RSA-AES128-SHA",
                                                    "AES128-SHA"
                                                ]
                                        },
                                    { client_renegotiation, false },
                                    { secure_renegotiate, true }
                                ]
                            }
                        ]
                    }
                ]
            }
        ]
    },

    {
        lager, [
            {
                handlers, [
                    { lager_console_backend, info },
                    { lager_file_backend, [ { file, "log/error.log"}, { level, error } ] },
                    { lager_file_backend, [ { file, "log/console.log"}, { level, info } ] }
                ]
            }
        ]
    },

    %% SASL config
    {
        sasl, [
            { sasl_error_logger, { file, "log/sasl-error.log" } },
            { errlog_type, error },
            { error_logger_mf_dir, "log/sasl" },      % Log directory
            { error_logger_mf_maxbytes, 10485760 },   % 10 MB max file size
            { error_logger_mf_maxfiles, 5 }           % 5 files max
        ]
    }
].