global: Convert crypt_private_key and crypt_global_public_key to file…

… type
sirainen · Feb 2, 2024 · 49180b9 · 49180b9
1 parent f9e5d1f
commit 49180b9
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 14 deletions.
diff --git a/source/configuration_manual/mail_crypt_plugin.rst b/source/configuration_manual/mail_crypt_plugin.rst
@@ -70,7 +70,7 @@ See :ref:`plugin-mail-crypt`.
 Per-user settings may be returned by
 :ref:`authentication-user_database_extra_fields`. To provide
 :dovecot_plugin:ref:`crypt_global_private_key` or
-:dovecot_plugin:ref:`crypt_global_public_key` as a single line userdb
+:dovecot_plugin:ref:`crypt_global_public_key_file` as a single line userdb
 attribute, you can base64 encode the original PEM key contents. For example,
 
 .. code-block:: none
@@ -217,9 +217,9 @@ These keys can then be used with this configuration:
     mail_crypt = yes
   }
 
-  crypt_global_public_key = <rsapubkey.pem
+  crypt_global_public_key_file = rsapubkey.pem
   crypt_global_private_key main {
-    crypt_private_key = <rsaprivkey.pem
+    crypt_private_key_file = rsaprivkey.pem
     crypt_private_password = qwerty
   }
 
@@ -255,9 +255,9 @@ These keys can now be used with this configuration:
     mail_crypt = yes
   }
 
-  crypt_global_public_key = <ecpubkey.pem
+  crypt_global_public_key_file = ecpubkey.pem
   crypt_global_private_key main {
-    crypt_private_key = <ecprivkey.pem
+    crypt_private_key_file = ecprivkey.pem
   }
 
 .. _pkey_format:
@@ -340,7 +340,7 @@ encrypt new mail, use empty :dovecot_plugin:ref:`crypt_write_algorithm` setting:
 
   crypt_write_algorithm =
   crypt_global_private_key main {
-    crypt_private_key = <server.key
+    crypt_private_key_file = server.key
   }
 
 .. _mail_crypt_acl_plugin:
@@ -405,9 +405,9 @@ To encrypt/decrypt files manually, you can use
   doveadm \
     -o fs_driver=crypt \
     -o fs_parent/fs_driver=posix \
-    -o crypt_private_key="$(cat pubkey.pem)" \
+    -o crypt_private_key_file=pubkey.pem \
     -o crypt_global_private_key=main \
-    -o crypt_global_private_key/main/crypt_private_key="$(cat privkey.pem)" \
+    -o crypt_global_private_key/main/crypt_private_key_file=privkey.pem \
     fs get/put '' path/to/input-file [/path/to/output-file]
 
 doveadm plugin

diff --git a/source/settings/plugin/mail-crypt-plugin.rst b/source/settings/plugin/mail-crypt-plugin.rst
@@ -50,10 +50,10 @@ Settings
    :values: @named_list_filter
 
    List of private key(s) to decrypt files. Add 
-   :dovecot_plugin:ref:`crypt_private_key` and optionally
+   :dovecot_plugin:ref:`crypt_private_key_file` and optionally
    :dovecot_plugin:ref:`crypt_private_key_password` inside each filter.
 
-.. dovecot_plugin:setting:: crypt_global_public_key
+.. dovecot_plugin:setting:: crypt_global_public_key_file
    :plugin: mail-crypt
    :values: @string
 
@@ -68,7 +68,7 @@ Settings
    :values: @named_list_filter
 
    List of global private key(s) to decrypt mails. Add
-   :dovecot_plugin:ref:`crypt_private_key` and optionally
+   :dovecot_plugin:ref:`crypt_private_key_file` and optionally
    :dovecot_plugin:ref:`crypt_private_key_password` inside each filter.
 
 
@@ -77,7 +77,7 @@ Settings
    :values: @named_list_filter
 
    List of private key(s) to decrypt user's master private key. Add
-   :dovecot_plugin:ref:`crypt_private_key` and optionally
+   :dovecot_plugin:ref:`crypt_private_key_file` and optionally
    :dovecot_plugin:ref:`crypt_private_key_password` inside each filter.
 
 
@@ -117,7 +117,7 @@ Settings
    :dovecot_plugin:ref:`crypt_user_key_encryption_key`.
 
 
-.. dovecot_plugin:setting:: crypt_private_key
+.. dovecot_plugin:setting:: crypt_private_key_file
    :plugin: mail-crypt
    :values: @string
 
@@ -133,6 +133,6 @@ Settings
    :plugin: mail-crypt
    :values: @string
 
-   Password to decrypt :dovecot_plugin:ref:`crypt_private_key`.
+   Password to decrypt :dovecot_plugin:ref:`crypt_private_key_file`.