# Variables of this file can be overwritten with
# /etc/default/container-postfix
# This file only contains the variables with default
# values, for a full list of supported environment variables
# please look at the postfix container image documentation and
# container-postfix.service file.

# Name of the image path to pull the postfix image from
POSTFIX_IMAGE_PATH=registry.opensuse.org/opensuse/postfix:latest

# Name of the path where the postfix spool directory will be stored
POSTFIX_SPOOL_DIR="/srv/postfix/spool"

# Name of the path where the virtual user mail will be stored
POSTFIX_VMAIL_DIR="/srv/postfix/vmail"

# Directory, where additional certificates (trust and blacklist) can
# be found. Directory structure is like below /etc/pki
EXTRA_PKI_DIR="/srv/postfix/pki"

# Name of the path where the files with the passwords for
# LDAP_ADMIN_PASSWORD and LDAP_CONFIG_PASSWORD can be found. The file
# names needs to be the ones of the variable names and should not
# be readable for anybody else. This directory is mounted as volume
# to "/etc/postfix-secrets" inside the container.
SECRETS_DIR="/etc/postfix-secrets"

# Location of the file with the password to authenticate to
# a mail server.
SMTP_PASSWORD_FILE="/etc/postfix-secrets/SMTP_PASSWORD"

# Ports which needs to be exported
POSTFIX_PORTS="-p 25:25 -p 465:465 -p 587:587"

# Extra arguments for podman to start the container
PODMAN_EXTRA_ARGS=""

# Disable mailboxes for virtual users by default
VIRTUAL_MBOX=0

# User/group ID of the user owning the virtual mailboxes
VMAIL_UID=5000

# Enable submission (port 587)
ENABLE_SUBMISSION=0

# Enable submissions/smtps (port 465). This requires SMTPD_USE_TLS=1
ENABLE_SUBMISSIONS=0

# Setup TLS/SSL for "submission" and "submissions".
SMTPD_USE_TLS=1

# Directory, where private and public certificate is stored.
# Directory is mounted on /etc/postfix/ssl/certs
POSTFIX_CERTS_DIR=/srv/postfix/certs

# Public certificate 
SMTPD_TLS_CRT=/etc/postfix/ssl/certs/fullchain.pem

# Private certificate key
SMTPD_TLS_KEY=/etc/postfix/ssl/certs/privkey.pem

# If the virtual users are provided by LDAP 
USE_LDAP=0

# If we use LDAP, use a TLS secured connection
LDAP_USE_TLS=1

# Location of the file with the password to authenticate a bind
# with the bind_dn distinguished name.
LDAP_BIND_PASSWORD_FILE="/etc/postfix-secrets/LDAP_BIND_PASSWORD"
