171 lines
6.4 KiB
Django/Jinja
171 lines
6.4 KiB
Django/Jinja
[default]
|
|
# Whether lacre should add a header after it has processed an email
|
|
# This may be useful for debugging purposes
|
|
add_header = {{ lacre_add_header }}
|
|
|
|
# Whether we should only encrypt emails if they are explicitly defined in
|
|
# the key mappings below ([enc_keymap] section)
|
|
# This means lacre won't automatically detect PGP recipients for encrypting
|
|
enc_keymap_only = {{ lacre_enc_keymap_only }}
|
|
|
|
# Convert encrypted text/plain email to MIME-attached encrypt style.
|
|
# (Default is to use older inline-style PGP encoding.)
|
|
mime_conversion = {{ lacre_mime_conversion }}
|
|
|
|
# RFC 2821 defines that the user part (User@domain.tld) of a mail address should be treated case sensitive.
|
|
# However, in the real world this is ignored very often. This option disables the RFC 2821
|
|
# compatibility so both the user part and the domain part are treated case insensitive.
|
|
# Disabling the compatibility is more convenient to users. So if you know that your
|
|
# recipients all ignore the RFC you could this to yes.
|
|
mail_case_insensitive = {{ lacre_mail_case_insensitive }}
|
|
|
|
[gpg]
|
|
# the directory where lacre public keys are stored
|
|
# (see INSTALL for details)
|
|
keyhome = {{ lacre_keyhome }}
|
|
|
|
[smime]
|
|
# the directory for the S/MIME certificate files
|
|
cert_path = {{ lacre_cert_path }}
|
|
|
|
[mailregister]
|
|
# settings for the register-handler
|
|
register_email = {{ lacre_register_email }}
|
|
mail_templates = {{ lacre_mail_templates }}
|
|
|
|
# URL to webpanel. The server should be able to reach it
|
|
webpanel_url = {{ lacre_webpanel_url }}
|
|
|
|
[cron]
|
|
# settings for the gpgmw cron job
|
|
send_email = yes
|
|
notification_email = {{ lacre_notification_email }}
|
|
mail_templates = {{ lacre_mail_templates }}
|
|
|
|
[logging]
|
|
# path to the logging configuration; see documentation for details:
|
|
# https://docs.python.org/3/library/logging.config.html#logging-config-fileformat
|
|
config = {{ lacre_logfile }}
|
|
{% if lacre_daemon == 'true' %}
|
|
[daemon]
|
|
# Advanced Content Filter section.
|
|
#
|
|
# Advanced filters differ from Simple ones by providing a daemon that handles
|
|
# requests, instead of starting a new process each time a message arrives.
|
|
host = {{ lacre_daemon_host }}
|
|
port = {{ lacre_daemon_port }}
|
|
|
|
# Maximum size (in bytes) of message body, i.e. data provided after DATA
|
|
# message. Following value comes from aiosmtpd module's default for this
|
|
# setting.
|
|
max_data_bytes = {{ lacre_max_data_bytes }}
|
|
|
|
# Sometimes it may make sense to log additional information from mail headers.
|
|
# This should never be PII, but information like encoding, content types, etc.
|
|
log_headers = {{ lacre_log_headers }}
|
|
{% endif %}
|
|
|
|
[relay]
|
|
# the relay settings to use for Postfix
|
|
# lacre will submit email to this relay after it is done processing
|
|
# unless you alter the default Postfix configuration, you won't have to modify this
|
|
host = {{ lacre_relay }}
|
|
port = {{ lacre_relay_port }}
|
|
# This is the default port of postfix. It is used to send some
|
|
# mails through the lacre so they are encrypted
|
|
enc_port = {{ lacre_enc_port }}
|
|
|
|
# Set this option to yes to use TLS for SMTP Servers which require TLS.
|
|
starttls = {{ lacre_starttls }}
|
|
|
|
|
|
[smtp]
|
|
# Options when smtp auth is required to send out emails
|
|
enabled = {{ lacre_smtp_enabled }}
|
|
username = {{ lacre_smtp_username }}
|
|
password = {{ lacre_smtp_password }}
|
|
host = {{ lacre_smtp_host }}
|
|
port = {{ lacre_smtp_port }}
|
|
starttls = {{ lacre_smtp_starttls }}
|
|
|
|
[database]
|
|
# edit the settings below if you want to read keys from a
|
|
# lacre-webgate database other than SQLite
|
|
enabled = {{ lacre_db_enabled }}
|
|
{% if lacre_db_backend == 'sqlite' %}
|
|
url = sqlite://{{ lacre_db_name }}
|
|
{% endif %}
|
|
{% if lacre_db_backend == 'mysql' %}
|
|
url = mysql://{{ lacre_db_username }}:{{ lacre_db_password }}@{{ lacre_db_host }}/{{ lacre_db_name }}
|
|
{% endif %}
|
|
|
|
# Pooling mode: pessimistic or optimistic (required parameter).
|
|
#
|
|
# - Pessimistic disconnect-handling: pre_ping. Connection pool will try using
|
|
# connection before it executes a SQL query to find out if the connection is
|
|
# still alive. If not, it'll just establish a new connection.
|
|
#
|
|
# - Optimistic distonnect-handling: just avoid using connections after some
|
|
# time.
|
|
#
|
|
pooling_mode = {{ lacre_pooling_mode }}
|
|
|
|
# For other RDBMS backends, see:
|
|
# https://docs.sqlalchemy.org/en/14/core/engines.html#database-urls
|
|
|
|
# Number of seconds after which an idle connection is recycled. This is
|
|
# useful with MySQL servers. This is only used with pooling_mode=optimistic.
|
|
# For more information, see:
|
|
# https://docs.sqlalchemy.org/en/14/core/engines.html#sqlalchemy.create_engine.params.pool_recycle
|
|
max_connection_age = {{ lacre_pooling_maxcon_age }}
|
|
|
|
# Number of connections stored in the pool.
|
|
pool_size = {{ lacre_pooling_poolsize }}
|
|
|
|
# If the pool size is not enough for current traffic, some connections can be
|
|
# made and closed after use, to avoid pool growth and connection rejections.
|
|
max_overflow = {{ lacre_pooling_max_overflow }}
|
|
|
|
[enc_keymap]
|
|
# You can find these by running the following command:
|
|
# gpg --list-keys --keyid-format long user@example.com
|
|
# Which will return output similar to:
|
|
# pub 1024D/AAAAAAAAAAAAAAAA 2007-10-22
|
|
# uid Joe User <user@example.com>
|
|
# sub 2048g/BBBBBBBBBBBBBBBB 2007-10-22
|
|
# You want the AAAAAAAAAAAAAAAA not BBBBBBBBBBBBBBBB.
|
|
#you@domain.tld = 12345678
|
|
|
|
[enc_domain_keymap]
|
|
# This seems to be similar to the [enc_keymap] section. However, you
|
|
# can define default keys for a domain here. Entries in the enc_keymap
|
|
# and individual keys stored on the system have a higher priority than
|
|
# the default keys specified here.
|
|
#
|
|
#
|
|
# You can find these by running the following command:
|
|
# gpg --list-keys --keyid-format long user@example.com
|
|
# Which will return output similar to:
|
|
# pub 1024D/AAAAAAAAAAAAAAAA 2007-10-22
|
|
# uid Joe User <user@example.com>
|
|
# sub 2048g/BBBBBBBBBBBBBBBB 2007-10-22
|
|
# You want the AAAAAAAAAAAAAAAA not BBBBBBBBBBBBBBBB.
|
|
#domain.tld = 12345678
|
|
|
|
[dec_keymap]
|
|
# You can find these by running the following command:
|
|
# gpg --list-secret-keys --keyid-format long user@example.com
|
|
# Which will return output similar to:
|
|
# sec 1024D/AAAAAAAAAAAAAAAA 2007-10-22
|
|
# uid Joe User <user@example.com>
|
|
# ssb 2048g/BBBBBBBBBBBBBBBB 2007-10-22
|
|
# You want the AAAAAAAAAAAAAAAA not BBBBBBBBBBBBBBBB.
|
|
#you@domain.tld = 12345678
|
|
|
|
[pgp_style]
|
|
# Here a PGP style (inline or PGP/MIME) could be defined for recipients.
|
|
# This overwrites the setting mime_conversion for the defined recipients.
|
|
# Valid entries are inline and mime
|
|
# If an entry is not valid, the setting mime_conversion is used as fallback.
|
|
#you@domian.tld = mime
|