From e7d1da5b13e27cf9b6c0d1f3058bdc645e9a22c3 Mon Sep 17 00:00:00 2001
From: Matt Birkholz <matt@birchwood-abbey.net>
Date: Mon, 22 Dec 2025 08:41:17 -0700
Subject: [PATCH] Accommodate changes to Dovecot's configuration language in
 v2.4.

~ssl_cerl~ and ~ssl_key~ were renamed and ~mail_location~ was split in
two.
---
 README.org                   | 55 ++++++++++++++++++++++++++++++++----
 roles_t/core/tasks/main.yml  | 21 +++++++++++++-
 roles_t/front/tasks/main.yml | 26 ++++++++++++++++-
 3 files changed, 95 insertions(+), 7 deletions(-)

diff --git a/README.org b/README.org
index 68a145b..585359d 100644
--- a/README.org
+++ b/README.org
@@ -282,15 +282,25 @@ service imap-login {
 Both Dovecot servers store member email in members' local =~/Maildir/=
 directories.
 
-#+NAME: dovecot-maildir
+#+NAME: dovecot-2.3-maildir
 #+CAPTION: ~dovecot-maildir~
 #+BEGIN_SRC conf
 mail_location = maildir:~/Maildir
 #+END_SRC
 
+In version 2.4 (Debian 13), this variable was split in two.
+
+#+NAME: dovecot-maildir
+#+CAPTION: ~dovecot-maildir~
+#+BEGIN_SRC conf
+mail_driver = maildir
+mail_path = ~/Maildir
+#+END_SRC
+
 The complete Dovecot configurations for Front and Core use these
-common settings with host specific settings for ~ssl_cert~ and
-~ssl_key~.
+common settings with host specific settings for ~ssl_server_cert_file~
+and ~ssl_server_key_file~, ~ssl_cert~ and ~ssl_key~ on versions of
+Dovecot before 2.4 (Debian 13).
 
 ** The Web Services
 
@@ -1752,7 +1762,7 @@ and enables it to start at every reboot.
   become: yes
   apt: pkg=dovecot-imapd
 
-- name: Configure Dovecot IMAPd.
+- name: Configure Dovecot 2.3 IMAPd.
   become: yes
   copy:
     content: |
@@ -1760,8 +1770,26 @@ and enables it to start at every reboot.
       ssl_cert = </etc/server.crt
       ssl_key = </etc/server.key
       <<dovecot-ports>>
+      <<dovecot-2.3-maildir>>
+    dest: /etc/dovecot/local.conf
+  when: ansible_distribution != 'Debian'
+        or ( ansible_distribution == 'Debian'
+             and 13 > ansible_distribution_major_version|int )
+  notify: Restart Dovecot.
+
+- name: Configure Dovecot IMAPd.
+  become: yes
+  copy:
+    content: |
+      <<dovecot-tls>>
+      ssl_server_cert_file = /etc/server.crt
+      ssl_server_key_file = /etc/server.key
+      <<dovecot-ports>>
       <<dovecot-maildir>>
     dest: /etc/dovecot/local.conf
+  when:
+  - ansible_distribution == 'Debian'
+  - 12 < ansible_distribution_major_version|int
   notify: Restart Dovecot.
 
 - name: Start Dovecot.
@@ -3184,15 +3212,32 @@ and enables it to start at every reboot.
   become: yes
   apt: pkg=dovecot-imapd
 
-- name: Configure Dovecot IMAPd.
+- name: Configure Dovecot 2.3 IMAPd.
   become: yes
   copy:
     content: |
       <<dovecot-tls>>
       ssl_cert = </etc/server.crt
       ssl_key = </etc/server.key
+      <<dovecot-2.3-maildir>>
+    dest: /etc/dovecot/local.conf
+  when: ansible_distribution != 'Debian'
+        or ( ansible_distribution == 'Debian'
+             and 13 > ansible_distribution_major_version|int )
+  notify: Restart Dovecot.
+
+- name: Configure Dovecot IMAPd.
+  become: yes
+  copy:
+    content: |
+      <<dovecot-tls>>
+      ssl_server_cert_file = /etc/server.crt
+      ssl_server_key_file = /etc/server.key
       <<dovecot-maildir>>
     dest: /etc/dovecot/local.conf
+  when:
+  - ansible_distribution == 'Debian'
+  - 12 < ansible_distribution_major_version|int
   notify: Restart Dovecot.
 
 - name: Start Dovecot.
diff --git a/roles_t/core/tasks/main.yml b/roles_t/core/tasks/main.yml
index bbc93e8..75db296 100644
--- a/roles_t/core/tasks/main.yml
+++ b/roles_t/core/tasks/main.yml
@@ -380,7 +380,7 @@
   become: yes
   apt: pkg=dovecot-imapd
 
-- name: Configure Dovecot IMAPd.
+- name: Configure Dovecot 2.3 IMAPd.
   become: yes
   copy:
     content: |
@@ -390,6 +390,25 @@
       ssl_key = </etc/server.key
       mail_location = maildir:~/Maildir
     dest: /etc/dovecot/local.conf
+  when: ansible_distribution != 'Debian'
+        or ( ansible_distribution == 'Debian'
+             and 13 > ansible_distribution_major_version|int )
+  notify: Restart Dovecot.
+
+- name: Configure Dovecot IMAPd.
+  become: yes
+  copy:
+    content: |
+      protocols = imap
+      ssl = required
+      ssl_server_cert_file = /etc/server.crt
+      ssl_server_key_file = /etc/server.key
+      mail_driver = maildir
+      mail_path = ~/Maildir
+    dest: /etc/dovecot/local.conf
+  when:
+  - ansible_distribution == 'Debian'
+  - 12 < ansible_distribution_major_version|int
   notify: Restart Dovecot.
 
 - name: Start Dovecot.
diff --git a/roles_t/front/tasks/main.yml b/roles_t/front/tasks/main.yml
index f3dd75a..1256286 100644
--- a/roles_t/front/tasks/main.yml
+++ b/roles_t/front/tasks/main.yml
@@ -179,7 +179,7 @@
   become: yes
   apt: pkg=dovecot-imapd
 
-- name: Configure Dovecot IMAPd.
+- name: Configure Dovecot 2.3 IMAPd.
   become: yes
   copy:
     content: |
@@ -194,6 +194,30 @@
       }
       mail_location = maildir:~/Maildir
     dest: /etc/dovecot/local.conf
+  when: ansible_distribution != 'Debian'
+        or ( ansible_distribution == 'Debian'
+             and 13 > ansible_distribution_major_version|int )
+  notify: Restart Dovecot.
+
+- name: Configure Dovecot IMAPd.
+  become: yes
+  copy:
+    content: |
+      protocols = imap
+      ssl = required
+      ssl_server_cert_file = /etc/server.crt
+      ssl_server_key_file = /etc/server.key
+      service imap-login {
+        inet_listener imap {
+          port = 0
+        }
+      }
+      mail_driver = maildir
+      mail_path = ~/Maildir
+    dest: /etc/dovecot/local.conf
+  when:
+  - ansible_distribution == 'Debian'
+  - 12 < ansible_distribution_major_version|int
   notify: Restart Dovecot.
 
 - name: Start Dovecot.
-- 
2.47.3