Roundcube

MUA Webmail client.

Setup MTA and MDA before configuration. See Email.

Ports

---
###############################################################################
# Ports Configuration
###############################################################################
# Ports should be managed externally via an OS role.

ports:
  - {proto: 'tcp', from_ip: 'any',       to_port: 80, direction: 'in', comment: 'roundcube http'}

Defaults

---
###############################################################################
# Roundcube Role Configuration
###############################################################################
# Assume that mysql & postgres DBs have been created before role is run. SQLite
# is managed entirely in this role. See references.
#
# Reference:
# * https://github.com/roundcube/roundcubemail/wiki/Installation#database-configuration
# * https://github.com/roundcube/roundcubemail/blob/master/UPGRADING
# * https://github.com/roundcube/roundcubemail/releases

# Version. Default: '1.5.0'. Changing to a later version will automatically
# apply an upgrade with related DB changes.
roundcube_version: '1.5.0'

# Should old roundcube installs be removed automatically on upgrade success?
roundcube_delete_old_versions: true

###############################################################################
# Roundcube General Settings
###############################################################################

# Display name (login and title bar).
roundcube_product_name: 'Roundcube Webmail'

# Support link. Do not link to roundcube site.
roundcube_support_url: '{{ ansible_fqdn }}/support'

# Append this domain to user logins without a domain.
roundcube_username_domain: 'example.com'

# RFC1766 language name. (e.g. en_US, de_DE).
roundcube_language: 'en_US'

# Skin to use: classic, elastic, larry. Default: 'elastic'.
roundcube_skin: 'elastic'

# Timezone to use. (e.g. America/Log_Angeles). This should be set to the
# timezone that the server is running in to prevent session issues.
# Check with: date "+%Z". Default: 'UTC'.
roundcube_timezone: 'UTC'

# Allow all attached files to be download as one zip file.
roundcube_zipdownload_selection: true

###############################################################################
# Roundcube URL/Proxy Configuration
###############################################################################

# Proxy whitelist (IPs to whitelist for proxy connections)
roundcube_proxy_whitelist: []

# Enable SSL. When SSL is disabled http (80) will be redirected to https (443).
roundcube_ssl_enable: false

# Fullchain SSL certificate (fullchain.pem); snakeoil certificate provided by
# default. Only used if SSL is enabled.
roundcube_ssl_fullchain: '/etc/ssl/certs/ssl-cert-snakeoil.pem'

# Certificate private key (privkey.pem); snakeoil certificate provided by
# default. Only used if SSL is enabled.
roundcube_ssl_private: '/etc/ssl/private/ssl-cert-snakeoil.key'

# Disable the 'default' site in sites-enabled. Roundcube is hosted on /; and
# default site (also hosted on /) should be disabled by default. Only change
# this if manually managing NGINX.
roundcube_nginx_default_delete: true

###############################################################################
# Roundcube (www-data) User
###############################################################################
# User that roundcube will run under. Assumes externally managed.
roundcube_user:  'www-data'
roundcube_group: 'www-data'

# Create 'www-data' user if not detected? See: vars/main.yml.
roundcube_create_user: false

###############################################################################
# Roundcube Database
###############################################################################
# Roundcube supports mysql, pgsql, and sqlite3. sqlite is entirely managed in
# the role, while mysql & postgres are assumed to be created already.
#
# See reference for mysql, postgres sql creation; initial tables can be found
# in the install location under /var/www/html/roundcube-{VERSION}/SQL/.
#
# Only roundcube_db_type, roundcube_db_name need to be set for sqlite. This db
# will be created in /var/www/html/roundcube-{VERSION}/db/{sqlite}. Version
# upgrades will copy database to the new version before upgrading.
#
# Databse upgrades, regardless of backend, are applied automatically.
#
# Reference:
# * https://github.com/roundcube/roundcubemail/wiki/Installation#database-configuration

# Database type. mysql, pgsql, sqlite. Default: 'pgsql'.
roundcube_db_type:     'pgsql'

# DB name on SQL servers. DB filename for sqlite.
roundcube_db_name:     'roundcube' # DB filename for sqlite
roundcube_db_host:     '127.0.0.1' # leave blank for sqlite
roundcube_db_port:     5432        # leave blank for sqlite
roundcube_db_user:     'use vault' # leave blank for sqlite
roundcube_db_password: 'use vault' # leave blank for sqlite

###############################################################################
# Roundcube Mail Settings
###############################################################################

# IMAP server to login to. Leaving this blank will prompt the user to set it
# themselves. Use 'ssl://' for implicit TLS, or 'tls://' for STARTTLS. Accepts
# roundcube configuration parameters:
# * %n: hostname ($_SERVER['SERVER_NAME']) 'mail.domain.tld'
# * %t: hostname without the first part 'domain.tld'
# * %d: domain (http hostname $_SERVER['HTTP_HOST'] without the first part)
# * %s: domain name after the '@' from e-mail address provided at login screen
roundcube_imap_host: 'ssl://mail.example.com'

# IMAP server port. 143: cleartext, 993: IMAP over TLS. Default: 993.
roundcube_imap_port: 993

# SMTP server for outgoing email. Use 'ssl://' for Implicit TLS, or 'tls://'
# for STARTTLS. Accepts roundcube configuration parameters:
# * %h: user's IMAP hostname
# * %n: hostname ($_SERVER['SERVER_NAME']) 'mail.domain.tld'
# * %t: hostname without the first part 'domain.tld'
# * %d: domain (http hostname $_SERVER['HTTP_HOST'] without the first part)
# * %z: IMAP domain (IMAP hostname without the first part)
roundcube_smtp_server: 'tls://mail.example.com'

# SMTP sever port; 25: cleartext, 465: Implicit TLS, 587: STARTTLS.
# Default: 587.
roundcube_smtp_port: 587

# SMTP username. May be blank. Accepts roundcube configuration parameters:
# * %u: user's username.
# Default: '%u'.
roundcube_smtp_user: '%u'

# SMTP password. May be blank. Accepts roundcube configuration parameters:
# * %p: user's password.
# Default: '%p'.
roundcube_smtp_pass: '%p'

###############################################################################
# Roundcube Security
###############################################################################

# Used to encrypt the IMAP password stored in session records. The default
# cipher requires the length to be EXACTLY 24 characters. Use vault.
roundcube_des_key: 'use vault, 24 characters'

# Verify client uses the same origin IP (increases security, but may fail on
# clients using proxies with multiple roaming IPs).
roundcube_ip_check: true

# Log to syslog, not to writeable www-data directory. Options: syslog, stdout,
# file. Use roundcube_custom_config to set additional logging options.
roundcube_log_driver: 'syslog'

# Log login failures to logging device (enables fail2ban usage).
roundcube_log_logins: true

###############################################################################
# Roundcube PHP FPM Settings
###############################################################################
# Collection of non-roundcube specific PHP FPM configuration.

# Probability (X/100) to run session cleanup on login.
roundcube_session_gc_probability: 1

# Use strict mode (do not accept uninitialized session, force re-create).
roundcube_session_use_strict_mode: 1

# Max post size. 25 Megabytes is current provider limits. Should match
# roundcube_upload_max_filesize.
roundcube_post_max_size: '25M'

# Max upload fizesize. 25 Megabytes is current provider limits.
roundcube_upload_max_filesize: '25M'

###############################################################################
# Roundcube Plugins
###############################################################################
# All plugins and skins are available as the 'complete' version is installed.
# Available plugins can be found in the 'complete' package or locall at:
# /var/www/html/roundcube-{VERSION}/plugins/.

# List of plugins to enable on roundcube.
roundcube_plugins:
  - 'archive'
  - 'attachment_reminder'
  - 'emoticons'
  - 'enigma'
  - 'identicon'
  - 'jqueryui'
  - 'newmail_notifier'
  - 'vcard_attachments'
  - 'zipdownload'

###############################################################################
# Roundcube Spellcheck
###############################################################################

# Enable the spellcheck plugin.
roundcube_enable_spellcheck: true

# Use pspell for spellcheck; default google service is turned down.
roundcube_spellcheck_dictionary: 'pspell'

###############################################################################
# Roundcube Custom Configuration
###############################################################################
# Custom configruation values for roundcube. This includes any additional
# options that are previously undefined or plugins that were enabled.
#
# All key/value pairs should be strings in this file, regardless of the
# datatype in the config. Double quote strings ('""') if quoted strings are
# needed in the resulting config.
#
# roundcube_custom_config:
#   my_plugin: 'some option to set'
#
# Results:
#   $config['my_plugin'] = some option to set;
#
# Reference:
# * https://github.com/roundcube/roundcubemail/wiki/Configuration

roundcube_custom_config: []