From 531c94e3c8b5586982a5aff37207f2f8a7cd89c6 Mon Sep 17 00:00:00 2001
From: myve <forge@myve.lan>
Date: Tue, 30 Sep 2025 20:39:19 +0000
Subject: [PATCH] Dovecot 2.4 update

---
 build/Dockerfile.alpine                       |  4 +-
 .../docker-entrypoint/init.d/25-dovecot.sh    |  8 +-
 build/run/installer.sh                        | 78 +++++++++++--------
 3 files changed, 49 insertions(+), 41 deletions(-)

diff --git a/build/Dockerfile.alpine b/build/Dockerfile.alpine
index 2c4b26f..3931b86 100644
--- a/build/Dockerfile.alpine
+++ b/build/Dockerfile.alpine
@@ -18,8 +18,8 @@ ADD run/docker-entrypoint /docker-entrypoint/
 ADD run/installer.sh /tmp/
 
 # Update Ubuntu Software repository and install requisites
-RUN printf '%s\n' 'https://dl-cdn.alpinelinux.org/alpine/v3.21/main/' \
-    'https://dl-cdn.alpinelinux.org/alpine/v3.21/community/' >/etc/apk/repositories \
+RUN printf '%s\n' 'https://dl-cdn.alpinelinux.org/alpine/latest-stable/main/' \
+    'https://dl-cdn.alpinelinux.org/alpine/latest-stable/community/' >/etc/apk/repositories \
     # Pre-create vmail user
     && addgroup -g 600 vmail \
     && adduser -S -D -h /var/vmail -u 600 -G vmail vmail \
diff --git a/build/run/docker-entrypoint/init.d/25-dovecot.sh b/build/run/docker-entrypoint/init.d/25-dovecot.sh
index cebabe0..fa5599c 100755
--- a/build/run/docker-entrypoint/init.d/25-dovecot.sh
+++ b/build/run/docker-entrypoint/init.d/25-dovecot.sh
@@ -1,12 +1,10 @@
 #!/usr/bin/env bash
-# 10-auth.conf
-sed -i "s/{{MYVEMAIL_DOMAIN}}/${MYVEMAIL_DOMAIN}/" /etc/dovecot/dovecot.conf
-
-# dovecot-sql.conf.ext
+# dovecot.conf
 sed -e "s/{{MYVEMAIL_POSTFIXADMIN_DBNAME}}/${MYVEMAIL_POSTFIXADMIN_DBNAME}/" \
     -e "s/{{MYVEMAIL_POSTFIXADMIN_DBUSER}}/${MYVEMAIL_POSTFIXADMIN_DBUSER}/" \
     -e "s/{{MYVEMAIL_POSTFIXADMIN_DBPASS}}/${MYVEMAIL_POSTFIXADMIN_DBPASS}/" \
-    -i /etc/dovecot/dovecot-sql.conf.ext
+    -e "s/{{MYVEMAIL_DOMAIN}}/${MYVEMAIL_DOMAIN}/" \
+    -i /etc/dovecot/dovecot.conf
 
 # Permissions
 chown vmail:vmail /var/vmail/ -R
diff --git a/build/run/installer.sh b/build/run/installer.sh
index 04584e1..7499872 100755
--- a/build/run/installer.sh
+++ b/build/run/installer.sh
@@ -169,27 +169,43 @@ rm -r /etc/dovecot/ /etc/ssl/dovecot/
 mkdir -p /etc/dovecot/ /etc/ssl/dovecot/
 
 # dovecot.conf
-cat >/etc/dovecot/dovecot.conf <<- dovecot.conf
-passdb {
-  driver = sql
-  args = /etc/dovecot/dovecot-sql.conf.ext
+install -m 0600 /dev/stdin /etc/dovecot/dovecot.conf <<- dovecot.conf
+dovecot_config_version = 2.4.1
+dovecot_storage_version = 2.4.1
+
+sql_driver = mysql
+mysql /run/mysqld/mysqld.sock {
+    user = {{MYVEMAIL_POSTFIXADMIN_DBUSER}}
+    password = {{MYVEMAIL_POSTFIXADMIN_DBPASS}}
+    dbname = {{MYVEMAIL_POSTFIXADMIN_DBNAME}}
 }
-userdb {
-  driver = sql
-  args = /etc/dovecot/dovecot-sql.conf.ext
+passdb sql {
+    query = SELECT username AS user, \\
+      password FROM mailbox WHERE username = '%{user}' AND active='1'
+    default_password_scheme = ARGON2I
+}
+userdb sql {
+    fields {
+      home = /var/vmail/%{user|domain}/%{user|username}
+    }
+    query = SELECT '~/Maildir' AS mail_path, \\
+      600 AS uid, \\
+      600 AS gid \\
+      FROM mailbox WHERE username = '%{user}' AND active='1'
+    iterate_query = SELECT username AS user FROM mailbox
 }
 
-disable_plaintext_auth = yes
-auth_username_format = %Lu
+auth_username_format = %{user|lower}
 auth_mechanisms = plain login
-auth_default_realm = {{MYVEMAIL_DOMAIN}}
+auth_default_domain = {{MYVEMAIL_DOMAIN}}
 auth_debug = yes
 auth_debug_passwords = yes
 
 # mbox_write_locks = fcntl
 mail_privileged_group = mail
-mail_location = maildir:~/Maildir
-mail_home = /var/vmail/%d/%n/
+mail_home = /var/vmail/%{user|domain}/%{user|username}
+mail_driver = maildir
+mail_path = ~/Maildir
 
 service lmtp {
   unix_listener /var/spool/postfix/private/dovecot-lmtp {
@@ -219,8 +235,8 @@ unix_listener stats-writer {
 }
 
 ssl = required
-ssl_prefer_server_ciphers = yes
 ssl_min_protocol = TLSv1.2
+ssl_server_prefer_ciphers = server
 
 namespace inbox {
   inbox = yes
@@ -236,10 +252,6 @@ namespace inbox {
     auto = subscribe
     special_use = \Junk
   }
-  mailbox Trash {
-    auto = subscribe
-    special_use = \Trash
-  }
   mailbox Sent {
     auto = subscribe
     special_use = \Sent
@@ -247,29 +259,27 @@ namespace inbox {
   mailbox "Sent Messages" {
     special_use = \Sent
   }
+  mailbox Trash {
+    auto = subscribe
+    special_use = \Trash
+  }
 }
 
 protocols = imap lmtp
 
-!include_try ssl-keys.conf
+ssl_server {
+    dh_file   = /etc/ssl/dovecot/dh.pem
+    cert_file = /etc/ssl/dovecot/tls.pem
+    key_file  = /etc/ssl/dovecot/tls.key
+}
 dovecot.conf
 
-# dovecot-sql.conf.ext
-cat >/etc/dovecot/dovecot-sql.conf.ext <<- 'dovecot'
-driver = mysql
-connect = host=localhost dbname={{MYVEMAIL_POSTFIXADMIN_DBNAME}} user={{MYVEMAIL_POSTFIXADMIN_DBUSER}} password={{MYVEMAIL_POSTFIXADMIN_DBPASS}}
-default_pass_scheme = ARGON2I
-password_query = SELECT username AS user,password FROM mailbox WHERE username = '%u' AND active='1'
-user_query = SELECT maildir, 600 AS uid, 600 AS gid FROM mailbox WHERE username = '%u' AND active='1'
-iterate_query = SELECT username AS user FROM mailbox
-dovecot
-
-# 10-ssl.conf
-install -m 0600 /dev/stdin /etc/dovecot/ssl-keys.conf <<- 'ssl-keys.conf'
-ssl_dh   = </etc/ssl/dovecot/dh.pem
-ssl_cert = </etc/ssl/dovecot/tls.pem
-ssl_key  = </etc/ssl/dovecot/tls.key
-ssl-keys.conf
+# # 10-ssl.conf
+# install -m 0600 /dev/stdin /etc/dovecot/ssl-keys.conf <<- 'ssl-keys.conf'
+# ssl_dh   = </etc/ssl/dovecot/dh.pem
+# ssl_cert = </etc/ssl/dovecot/tls.pem
+# ssl_key  = </etc/ssl/dovecot/tls.key
+# ssl-keys.conf
 
 # Virtual mailboxes
 install -m 0640 /dev/stdin /etc/postfix/sql/virtual_domains_maps.cf <<- eof