Hi,
I'm trying to clean up my migrated v2.4 config.
I'm still having a hard time with environment variable expansions :-(
They work in most places. But so far for me not in
mail_plugin_dir ssl_client_* or ssl_server_* listen=
For example, this config using literal file paths works great
ssl_server { ca_file = /path/to/CA.crt.pem ... } ssl_client { ca_file = /path/to/CA.crt.pem ... } protocol doveadm { ssl_server { ca_file = /path/to/CA.crt.pem ... } ... } protocol imap { ssl_server { ca_file = /path/to/CA.crt.pem ... } ... } protocol lmtp { ssl_server { ca_file = /path/to/CA.crt.pem ... } ... } protocol sieve { ssl_server { ca_file = /path/to/CA.crt.pem ... } ... } protocol submission { ssl_server { ca_file = /path/to/CA.crt.pem ... } ... }
When I add an env var
import_environment { CA_FILE=/path/to/CA.crt.pem }
and change any of those
/path/to/CA.crt.pem
instances to this
%{env:CA_FILE}
OR this
$ENV:CA_FILE
I get errors os startup like
dovecot[13660]: doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: ssl_server_request_client_cert=yes, but ssl_server_ca_file not provided
If I go back to literal paths, everything works OK.
I've read these
https://doc.dovecot.org/main/core/settings/variables.html https://doc.dovecot.org/main/core/settings/syntax.html#environment-variables https://doc.dovecot.org/main/core/settings/types.html#file
and as far as I can tell this should work.
Something's different about these that I'm not understanding. Or there's a list of keys that can't use these vars in values.
How do you use ENV var expansion in ssl file paths, listen addresses, etc?
Dave