From 1e088983f6a80b6fd47543d0b4989e9ddb3234d5 Mon Sep 17 00:00:00 2001
From: Cullum Smith <cullum@sacredheartsc.com>
Date: Fri, 4 Oct 2024 21:59:59 -0400
Subject: add imap stuff

---
 files/etc/cron.d/acme.common                       |   2 +
 files/etc/pf.conf.freebsd                          |   6 +-
 .../etc/dovecot/conf.d/10-auth.conf.imap_server    |   7 +
 .../etc/dovecot/conf.d/10-mail.conf.imap_server    |  23 ++
 .../etc/dovecot/conf.d/10-master.conf.imap_server  |  32 +++
 .../etc/dovecot/conf.d/10-ssl.conf.imap_server     |   8 +
 .../etc/dovecot/conf.d/15-lda.conf.imap_server     |   8 +
 .../dovecot/conf.d/15-mailboxes.conf.imap_server   |  31 +++
 .../etc/dovecot/conf.d/20-imap.conf.imap_server    |   3 +
 .../etc/dovecot/conf.d/20-lmtp.conf.imap_server    |   3 +
 .../dovecot/conf.d/20-managesieve.conf.imap_server |  11 +
 .../etc/dovecot/conf.d/90-fts.conf.imap_server     |   6 +
 .../etc/dovecot/conf.d/90-quota.conf.imap_server   |  32 +++
 .../conf.d/90-sieve-extprograms.conf.imap_server   |   3 +
 .../etc/dovecot/conf.d/90-sieve.conf.imap_server   |  28 +++
 .../dovecot/conf.d/auth-ldap.conf.ext.imap_server  |   8 +
 .../dovecot-ldap-passdb.conf.ext.imap_server       |  11 +
 .../dovecot-ldap-userdb.conf.ext.imap_server       |  17 ++
 .../usr/local/etc/dovecot/dovecot.conf.imap_server |   5 +
 .../local/etc/dovecot/report-ham.sieve.imap_server |  15 ++
 .../etc/dovecot/report-spam.sieve.imap_server      |   7 +
 .../sieve-before.d/10-rspamd.sieve.imap_server     |   5 +
 files/usr/local/etc/nginx/nginx.conf.common        |   2 +-
 .../local/etc/poudriere.d/make.conf.pkg_repository |   1 -
 .../local/etc/poudriere.d/pkglist.pkg_repository   |   4 +-
 files/usr/local/etc/rc.d/solr.imap_server          |  76 ++++++
 files/usr/local/etc/rc.d/tika.imap_server          |  55 ++++
 files/usr/local/etc/solr/log4j2.xml.imap_server    |  17 ++
 .../usr/local/etc/solr/solrconfig.xml.imap_server  | 280 +++++++++++++++++++++
 files/usr/local/etc/sudoers.d/acme.smtp_server     |   1 +
 files/usr/local/etc/tika/config.xml.imap_server    |  21 ++
 files/usr/local/etc/tika/log4j2.xml.imap_server    |  17 ++
 .../libexec/dovecot/quota-warning.sh.imap_server   |  20 ++
 .../dovecot/sieve-pipe/report-ham.sh.imap_server   |   7 +
 .../dovecot/sieve-pipe/report-spam.sh.imap_server  |   7 +
 .../db/solr/dovecot/conf/schema.xml.imap_server    |  48 ++++
 .../solr/dovecot/conf/solrconfig.xml.imap_server   |  91 +++++++
 files/var/db/solr/solr.xml.imap_server             |  76 ++++++
 38 files changed, 988 insertions(+), 6 deletions(-)
 create mode 100644 files/etc/cron.d/acme.common
 create mode 100644 files/usr/local/etc/dovecot/conf.d/10-auth.conf.imap_server
 create mode 100644 files/usr/local/etc/dovecot/conf.d/10-mail.conf.imap_server
 create mode 100644 files/usr/local/etc/dovecot/conf.d/10-master.conf.imap_server
 create mode 100644 files/usr/local/etc/dovecot/conf.d/10-ssl.conf.imap_server
 create mode 100644 files/usr/local/etc/dovecot/conf.d/15-lda.conf.imap_server
 create mode 100644 files/usr/local/etc/dovecot/conf.d/15-mailboxes.conf.imap_server
 create mode 100644 files/usr/local/etc/dovecot/conf.d/20-imap.conf.imap_server
 create mode 100644 files/usr/local/etc/dovecot/conf.d/20-lmtp.conf.imap_server
 create mode 100644 files/usr/local/etc/dovecot/conf.d/20-managesieve.conf.imap_server
 create mode 100644 files/usr/local/etc/dovecot/conf.d/90-fts.conf.imap_server
 create mode 100644 files/usr/local/etc/dovecot/conf.d/90-quota.conf.imap_server
 create mode 100644 files/usr/local/etc/dovecot/conf.d/90-sieve-extprograms.conf.imap_server
 create mode 100644 files/usr/local/etc/dovecot/conf.d/90-sieve.conf.imap_server
 create mode 100644 files/usr/local/etc/dovecot/conf.d/auth-ldap.conf.ext.imap_server
 create mode 100644 files/usr/local/etc/dovecot/dovecot-ldap-passdb.conf.ext.imap_server
 create mode 100644 files/usr/local/etc/dovecot/dovecot-ldap-userdb.conf.ext.imap_server
 create mode 100644 files/usr/local/etc/dovecot/dovecot.conf.imap_server
 create mode 100644 files/usr/local/etc/dovecot/report-ham.sieve.imap_server
 create mode 100644 files/usr/local/etc/dovecot/report-spam.sieve.imap_server
 create mode 100644 files/usr/local/etc/dovecot/sieve-before.d/10-rspamd.sieve.imap_server
 create mode 100644 files/usr/local/etc/rc.d/solr.imap_server
 create mode 100644 files/usr/local/etc/rc.d/tika.imap_server
 create mode 100644 files/usr/local/etc/solr/log4j2.xml.imap_server
 create mode 100644 files/usr/local/etc/solr/solrconfig.xml.imap_server
 create mode 100644 files/usr/local/etc/sudoers.d/acme.smtp_server
 create mode 100644 files/usr/local/etc/tika/config.xml.imap_server
 create mode 100644 files/usr/local/etc/tika/log4j2.xml.imap_server
 create mode 100644 files/usr/local/libexec/dovecot/quota-warning.sh.imap_server
 create mode 100644 files/usr/local/libexec/dovecot/sieve-pipe/report-ham.sh.imap_server
 create mode 100644 files/usr/local/libexec/dovecot/sieve-pipe/report-spam.sh.imap_server
 create mode 100644 files/var/db/solr/dovecot/conf/schema.xml.imap_server
 create mode 100644 files/var/db/solr/dovecot/conf/solrconfig.xml.imap_server
 create mode 100644 files/var/db/solr/solr.xml.imap_server

(limited to 'files')

diff --git a/files/etc/cron.d/acme.common b/files/etc/cron.d/acme.common
new file mode 100644
index 0000000..05bf064
--- /dev/null
+++ b/files/etc/cron.d/acme.common
@@ -0,0 +1,2 @@
+MAILTO=root
+00 15 * * * ${acme_user} lockf -t 0 /tmp/acme-cron.lock acme.sh --cron --home ${acme_home} --syslog 6 > /dev/null
diff --git a/files/etc/pf.conf.freebsd b/files/etc/pf.conf.freebsd
index e01f49d..881fcea 100644
--- a/files/etc/pf.conf.freebsd
+++ b/files/etc/pf.conf.freebsd
@@ -5,8 +5,12 @@ $(if [ -n "${pf_egress_interfaces:-}" ]; then
   fi)
 allowed_tcp_ports = "{ $(join ', ' ${allowed_tcp_ports:-}) }"
 allowed_udp_ports = "{ $(join ', ' ${allowed_udp_ports:-}) }"
+
+$([ "${acme_standalone:-}" = true ] && cat <<EOF
 acme_standalone_port = ${acme_standalone_port}
-acme_standalone_user = ${acme_uid}
+acme_standalone_user = $(id -u "$acme_user")
+EOF
+)
 nfscbd_port = ${nfscbd_port}
 
 set block-policy return
diff --git a/files/usr/local/etc/dovecot/conf.d/10-auth.conf.imap_server b/files/usr/local/etc/dovecot/conf.d/10-auth.conf.imap_server
new file mode 100644
index 0000000..7a908e6
--- /dev/null
+++ b/files/usr/local/etc/dovecot/conf.d/10-auth.conf.imap_server
@@ -0,0 +1,7 @@
+auth_default_realm = ${realm}
+auth_gssapi_hostname = "\$ALL"
+auth_username_format = %Ln
+auth_mechanisms = gssapi plain login
+auth_cache_size = 10M
+
+!include auth-ldap.conf.ext
diff --git a/files/usr/local/etc/dovecot/conf.d/10-mail.conf.imap_server b/files/usr/local/etc/dovecot/conf.d/10-mail.conf.imap_server
new file mode 100644
index 0000000..0fa15ea
--- /dev/null
+++ b/files/usr/local/etc/dovecot/conf.d/10-mail.conf.imap_server
@@ -0,0 +1,23 @@
+mail_location = mdbox:~/mdbox
+
+namespace inbox {
+  type = private
+  separator = /
+  inbox = yes
+  subscriptions = yes
+}
+
+mail_plugins = \$mail_plugins quota virtual fts fts_solr
+
+mail_privileged_group = ${dovecot_vmail_user}
+
+first_valid_uid = ${dovecot_vmail_uid}
+last_valid_uid = ${dovecot_vmail_uid}
+
+first_valid_gid = ${dovecot_vmail_uid}
+last_valid_gid = ${dovecot_vmail_uid}
+
+# recommended configuration for quota:count
+protocol !indexer-worker {
+  mail_vsize_bg_after_count = 100
+}
diff --git a/files/usr/local/etc/dovecot/conf.d/10-master.conf.imap_server b/files/usr/local/etc/dovecot/conf.d/10-master.conf.imap_server
new file mode 100644
index 0000000..1445cb6
--- /dev/null
+++ b/files/usr/local/etc/dovecot/conf.d/10-master.conf.imap_server
@@ -0,0 +1,32 @@
+service imap-login {
+  inet_listener imap {
+    port = 0
+  }
+
+  inet_listener imaps {
+    port = 993
+    ssl = yes
+  }
+}
+
+service lmtp {
+  user = ${dovecot_vmail_user}
+  inet_listener lmtp {
+    port = ${lmtp_port}
+    ssl = yes
+  }
+}
+
+service auth-worker {
+  user = \$default_internal_user
+}
+
+# Allow the vmail user to write to stats. This isn't strictly necessary, but
+# prevents dovecot-lda from spamming the mail log with errors.
+service stats {
+  unix_listener stats-writer {
+    user = dovecot
+    group = ${dovecot_vmail_user}
+    mode = 0660
+  }
+}
diff --git a/files/usr/local/etc/dovecot/conf.d/10-ssl.conf.imap_server b/files/usr/local/etc/dovecot/conf.d/10-ssl.conf.imap_server
new file mode 100644
index 0000000..9f90a47
--- /dev/null
+++ b/files/usr/local/etc/dovecot/conf.d/10-ssl.conf.imap_server
@@ -0,0 +1,8 @@
+ssl = required
+
+ssl_cert = <${dovecot_tls_cert}
+ssl_key = <${dovecot_tls_key}
+
+ssl_min_protocol = TLSv1.2
+ssl_cipher_list = ${dovecot_cipherlist}
+ssl_prefer_server_ciphers = no
diff --git a/files/usr/local/etc/dovecot/conf.d/15-lda.conf.imap_server b/files/usr/local/etc/dovecot/conf.d/15-lda.conf.imap_server
new file mode 100644
index 0000000..557594b
--- /dev/null
+++ b/files/usr/local/etc/dovecot/conf.d/15-lda.conf.imap_server
@@ -0,0 +1,8 @@
+recipient_delimiter = ${dovecot_recipient_delimiter}
+lda_original_recipient_header = X-Original-To
+
+lda_mailbox_autocreate = yes
+
+protocol lda {
+  mail_plugins = \$mail_plugins sieve
+}
diff --git a/files/usr/local/etc/dovecot/conf.d/15-mailboxes.conf.imap_server b/files/usr/local/etc/dovecot/conf.d/15-mailboxes.conf.imap_server
new file mode 100644
index 0000000..540947c
--- /dev/null
+++ b/files/usr/local/etc/dovecot/conf.d/15-mailboxes.conf.imap_server
@@ -0,0 +1,31 @@
+namespace inbox {
+
+  mailbox INBOX {
+    auto = subscribe
+  }
+
+  mailbox Drafts {
+    auto = subscribe
+    special_use = \Drafts
+  }
+
+  mailbox Junk {
+    auto = subscribe
+    special_use = \Junk
+  }
+
+  mailbox Trash {
+    auto = subscribe
+    special_use = \Trash
+  }
+
+  mailbox Sent {
+    auto = subscribe
+    special_use = \Sent
+  }
+
+  mailbox Archive {
+    auto = subscribe
+    special_use = \Archive
+  }
+}
diff --git a/files/usr/local/etc/dovecot/conf.d/20-imap.conf.imap_server b/files/usr/local/etc/dovecot/conf.d/20-imap.conf.imap_server
new file mode 100644
index 0000000..ae67bae
--- /dev/null
+++ b/files/usr/local/etc/dovecot/conf.d/20-imap.conf.imap_server
@@ -0,0 +1,3 @@
+protocol imap {
+  mail_plugins = $mail_plugins imap_quota imap_sieve
+}
diff --git a/files/usr/local/etc/dovecot/conf.d/20-lmtp.conf.imap_server b/files/usr/local/etc/dovecot/conf.d/20-lmtp.conf.imap_server
new file mode 100644
index 0000000..2619ce5
--- /dev/null
+++ b/files/usr/local/etc/dovecot/conf.d/20-lmtp.conf.imap_server
@@ -0,0 +1,3 @@
+protocol lmtp {
+  mail_plugins = $mail_plugins sieve
+}
diff --git a/files/usr/local/etc/dovecot/conf.d/20-managesieve.conf.imap_server b/files/usr/local/etc/dovecot/conf.d/20-managesieve.conf.imap_server
new file mode 100644
index 0000000..f4adea9
--- /dev/null
+++ b/files/usr/local/etc/dovecot/conf.d/20-managesieve.conf.imap_server
@@ -0,0 +1,11 @@
+protocols = $protocols sieve
+
+service managesieve-login {
+  inet_listener sieve {
+    port = 4190
+  }
+
+  inet_listener sieve_deprecated {
+    port = 0
+  }
+}
diff --git a/files/usr/local/etc/dovecot/conf.d/90-fts.conf.imap_server b/files/usr/local/etc/dovecot/conf.d/90-fts.conf.imap_server
new file mode 100644
index 0000000..fbe7e0f
--- /dev/null
+++ b/files/usr/local/etc/dovecot/conf.d/90-fts.conf.imap_server
@@ -0,0 +1,6 @@
+plugin {
+  fts_autoindex = yes
+  fts = solr
+  fts_solr = url=http://127.0.0.1:${solr_port}/solr/dovecot/
+  fts_tika = http://127.0.0.1:${tika_port}/tika/
+}
diff --git a/files/usr/local/etc/dovecot/conf.d/90-quota.conf.imap_server b/files/usr/local/etc/dovecot/conf.d/90-quota.conf.imap_server
new file mode 100644
index 0000000..7bffe9f
--- /dev/null
+++ b/files/usr/local/etc/dovecot/conf.d/90-quota.conf.imap_server
@@ -0,0 +1,32 @@
+plugin {
+  quota = count:User quota
+  quota_vsizes = yes
+  quota_rule = *:storage=${dovecot_default_quota}
+  quota_grace = ${dovecot_quota_grace_percent}%%
+
+  quota_status_success = DUNNO
+  quota_status_nouser = DUNNO
+  quota_status_overquota = "552 5.2.2 Mailbox is full"
+
+  quota_warning  = storage=95%% quota-warning 95 %u ${dovecot_quota_mail_from}
+  quota_warning2 = storage=90%% quota-warning 90 %u ${dovecot_quota_mail_from}
+  quota_warning3 = storage=80%% quota-warning 80 %u ${dovecot_quota_mail_from}
+}
+
+service quota-warning {
+  executable = script ${dovecot_script_dir}/quota-warning.sh
+  user = ${dovecot_vmail_user}
+  unix_listener quota-warning {
+    user = dovecot
+    group = ${dovecot_vmail_user}
+    mode = 0660
+  }
+}
+
+service quota-status {
+  executable = quota-status -p postfix
+  inet_listener {
+    port = ${quota_status_port}
+  }
+  client_limit = 5
+}
diff --git a/files/usr/local/etc/dovecot/conf.d/90-sieve-extprograms.conf.imap_server b/files/usr/local/etc/dovecot/conf.d/90-sieve-extprograms.conf.imap_server
new file mode 100644
index 0000000..06250e9
--- /dev/null
+++ b/files/usr/local/etc/dovecot/conf.d/90-sieve-extprograms.conf.imap_server
@@ -0,0 +1,3 @@
+plugin {
+  sieve_pipe_bin_dir = ${dovecot_sieve_pipe_bin_dir}
+}
diff --git a/files/usr/local/etc/dovecot/conf.d/90-sieve.conf.imap_server b/files/usr/local/etc/dovecot/conf.d/90-sieve.conf.imap_server
new file mode 100644
index 0000000..cd67671
--- /dev/null
+++ b/files/usr/local/etc/dovecot/conf.d/90-sieve.conf.imap_server
@@ -0,0 +1,28 @@
+plugin {
+  sieve = file:~/sieve;active=~/.dovecot.sieve
+
+  sieve_before = ${dovecot_sieve_before_dir}
+
+  sieve_global_extensions = +vnd.dovecot.pipe +vnd.dovecot.execute
+
+  sieve_plugins = sieve_extprograms sieve_imapsieve
+
+  sieve_quota_max_scripts = 10
+  sieve_quota_max_storage = 2M
+
+  # The default value for this is "sender", but that will totally break SPF
+  sieve_redirect_envelope_from = orig_recipient
+
+  # From elsewhere to Junk folder
+  imapsieve_mailbox1_name = Junk
+  imapsieve_mailbox1_causes = COPY
+  imapsieve_mailbox1_before = file:${dovecot_conf_dir}/report-spam.sieve
+
+  # From Junk folder to elsewhere
+  imapsieve_mailbox2_name = *
+  imapsieve_mailbox2_from = Junk
+  imapsieve_mailbox2_causes = COPY
+  imapsieve_mailbox2_before = file:${dovecot_conf_dir}/report-ham.sieve
+
+  sieve_global_extensions = +vnd.dovecot.pipe
+}
diff --git a/files/usr/local/etc/dovecot/conf.d/auth-ldap.conf.ext.imap_server b/files/usr/local/etc/dovecot/conf.d/auth-ldap.conf.ext.imap_server
new file mode 100644
index 0000000..9237f1f
--- /dev/null
+++ b/files/usr/local/etc/dovecot/conf.d/auth-ldap.conf.ext.imap_server
@@ -0,0 +1,8 @@
+passdb {
+  driver = ldap
+  args = ${dovecot_conf_dir}/dovecot-ldap-passdb.conf.ext
+}
+userdb {
+  driver = ldap
+  args = ${dovecot_conf_dir}/dovecot-ldap-userdb.conf.ext
+}
diff --git a/files/usr/local/etc/dovecot/dovecot-ldap-passdb.conf.ext.imap_server b/files/usr/local/etc/dovecot/dovecot-ldap-passdb.conf.ext.imap_server
new file mode 100644
index 0000000..5158954
--- /dev/null
+++ b/files/usr/local/etc/dovecot/dovecot-ldap-passdb.conf.ext.imap_server
@@ -0,0 +1,11 @@
+uris = ${ldap_uri}
+
+sasl_bind = yes
+sasl_mech = gssapi
+sasl_realm = ${realm}
+
+base = ${users_basedn}
+
+auth_bind = yes
+pass_attrs = uid=user
+user_filter = (uid=%u)
diff --git a/files/usr/local/etc/dovecot/dovecot-ldap-userdb.conf.ext.imap_server b/files/usr/local/etc/dovecot/dovecot-ldap-userdb.conf.ext.imap_server
new file mode 100644
index 0000000..fc939a6
--- /dev/null
+++ b/files/usr/local/etc/dovecot/dovecot-ldap-userdb.conf.ext.imap_server
@@ -0,0 +1,17 @@
+uris = ${ldap_uri}
+
+sasl_bind = yes
+sasl_mech = gssapi
+sasl_realm = ${realm}
+
+base = ${users_basedn}
+user_filter = (|(mailAddress=%u)(uid=%u))
+user_attrs = \
+  =user=%{ldap:uid}, \
+  =uid=${dovecot_vmail_uid}, \
+  =gid=${dovecot_vmail_uid}, \
+  =home=${dovecot_vmail_dir}/%{ldap:uid} \
+  mailQuota=quota_rule=\*:storage=%{ldap:mailQuota}
+
+iterate_attrs = uid=user
+iterate_filter = (mailAddress=*)
diff --git a/files/usr/local/etc/dovecot/dovecot.conf.imap_server b/files/usr/local/etc/dovecot/dovecot.conf.imap_server
new file mode 100644
index 0000000..2045e76
--- /dev/null
+++ b/files/usr/local/etc/dovecot/dovecot.conf.imap_server
@@ -0,0 +1,5 @@
+protocols = imap lmtp
+
+import_environment = \$import_environment KRB5_KTNAME=${dovecot_keytab} KRB5_CLIENT_KTNAME=${dovecot_keytab}
+
+!include conf.d/*.conf
diff --git a/files/usr/local/etc/dovecot/report-ham.sieve.imap_server b/files/usr/local/etc/dovecot/report-ham.sieve.imap_server
new file mode 100644
index 0000000..578e7b2
--- /dev/null
+++ b/files/usr/local/etc/dovecot/report-ham.sieve.imap_server
@@ -0,0 +1,15 @@
+require ["vnd.dovecot.pipe", "copy", "imapsieve", "environment", "variables"];
+
+if environment :matches "imap.mailbox" "*" {
+  set "mailbox" "${1}";
+}
+
+if string "${mailbox}" "Trash" {
+  stop;
+}
+
+if environment :matches "imap.email" "*" {
+  set "email" "${1}";
+}
+
+pipe :copy "report-ham.sh" [ "${email}" ];
diff --git a/files/usr/local/etc/dovecot/report-spam.sieve.imap_server b/files/usr/local/etc/dovecot/report-spam.sieve.imap_server
new file mode 100644
index 0000000..d34c71b
--- /dev/null
+++ b/files/usr/local/etc/dovecot/report-spam.sieve.imap_server
@@ -0,0 +1,7 @@
+require ["vnd.dovecot.pipe", "copy", "imapsieve", "environment", "variables"];
+
+if environment :matches "imap.email" "*" {
+  set "email" "${1}";
+}
+
+pipe :copy "report-spam.sh" [ "${email}" ];
diff --git a/files/usr/local/etc/dovecot/sieve-before.d/10-rspamd.sieve.imap_server b/files/usr/local/etc/dovecot/sieve-before.d/10-rspamd.sieve.imap_server
new file mode 100644
index 0000000..7931a71
--- /dev/null
+++ b/files/usr/local/etc/dovecot/sieve-before.d/10-rspamd.sieve.imap_server
@@ -0,0 +1,5 @@
+require ["fileinto"];
+
+if header :is "X-Spam" "Yes" {
+  fileinto "Junk";
+}
diff --git a/files/usr/local/etc/nginx/nginx.conf.common b/files/usr/local/etc/nginx/nginx.conf.common
index 9ab993c..1da7c3c 100644
--- a/files/usr/local/etc/nginx/nginx.conf.common
+++ b/files/usr/local/etc/nginx/nginx.conf.common
@@ -47,7 +47,7 @@ $([ "${nginx_gssapi:-}" = true ] && cat <<EOF
 EOF
 )
 
-$([ "${nginx_acme:-}" = true ] && cat <<EOF
+$([ "${acme:-}" = true ] && [ "${acme_standalone:-}" != true ] && cat <<EOF
   server {
     listen       0.0.0.0:80 default_server;
     listen       [::]:80 default_server;
diff --git a/files/usr/local/etc/poudriere.d/make.conf.pkg_repository b/files/usr/local/etc/poudriere.d/make.conf.pkg_repository
index 6dbbafc..fd35928 100644
--- a/files/usr/local/etc/poudriere.d/make.conf.pkg_repository
+++ b/files/usr/local/etc/poudriere.d/make.conf.pkg_repository
@@ -74,7 +74,6 @@ sysutils_htop_SET=LSOF
 sysutils_k3b_UNSET=EMOVIX VCDIMAGER
 sysutils_rsyslog8_SET=GSSAPI RELP OPENSSL
 sysutils_rsyslog8_UNSET=GCRYPT
-www_apache${apache_version}_SET=AUTHNZ_LDAP LDAP SUEXEC SUEXEC_SYSLOG
 www_chromium_SET=WIDEVINE
 www_firefox_UNSET=PROFILE JACK
 www_nginx_SET=HTTPV3 HTTPV3_QTLS HTTP_AUTH_KRB5 HTTP_AUTH_LDAP
diff --git a/files/usr/local/etc/poudriere.d/pkglist.pkg_repository b/files/usr/local/etc/poudriere.d/pkglist.pkg_repository
index 5e95f8c..d24ce06 100644
--- a/files/usr/local/etc/poudriere.d/pkglist.pkg_repository
+++ b/files/usr/local/etc/poudriere.d/pkglist.pkg_repository
@@ -14,6 +14,7 @@ dns/unbound
 editors/vim@console
 editors/vim@tiny
 ftp/php${php_version}-curl
+java/openjdk21
 lang/python
 lang/php${php_version}
 mail/dovecot
@@ -50,9 +51,6 @@ sysutils/stow
 sysutils/tmux
 sysutils/tree
 textproc/php${php_version}-xml
-www/apache${apache_version}
-www/mod_auth_gssapi
-www/mod_php${php_version}
 www/nginx
 www/php${php_version}-opcache
 www/php${php_version}-session
diff --git a/files/usr/local/etc/rc.d/solr.imap_server b/files/usr/local/etc/rc.d/solr.imap_server
new file mode 100644
index 0000000..70cc324
--- /dev/null
+++ b/files/usr/local/etc/rc.d/solr.imap_server
@@ -0,0 +1,76 @@
+#!/bin/sh
+
+# PROVIDE: solr
+# REQUIRE: LOGIN
+# BEFORE: dovecot
+# KEYWORD: shutdown
+
+. /etc/rc.subr
+
+name=solr
+rcvar=solr_enable
+
+load_rc_config "$name"
+
+: ${solr_enable:='NO'}
+: ${solr_host:='127.0.0.1'}
+: ${solr_port:='8983'}
+: ${solr_syslog_priority:='info'}
+: ${solr_syslog_facility:='daemon'}
+: ${solr_heap_size:='512m'}
+: ${solr_softcommit_ms:='60000'}
+
+solr_java_home=/usr/local/openjdk21
+solr_syslog_tag=solr
+solr_data_dir=/var/db/solr
+solr_install_dir=/usr/local/solr
+solr_conf_dir=/usr/local/etc/solr
+solr_config_file="${solr_conf_dir}/solrconfig.xml"
+solr_log4j_config_file="${solr_conf_dir}/log4j2.xml"
+solr_jar="${solr_install_dir}/server/start.jar"
+
+solr_user=solr
+solr_chdir="${solr_install_dir}/server"
+
+pidfile=/var/run/solr/solr.pid
+command=/usr/sbin/daemon
+
+command_args="-f \
+-s ${solr_syslog_priority} \
+-l ${solr_syslog_facility} \
+-T ${solr_syslog_tag} \
+-p ${pidfile} \
+-t solr \
+${solr_java_home}/bin/java \
+-server \
+-Xmx${solr_heap_size} \
+-XX:+UseG1GC \
+-XX:+PerfDisableSharedMem \
+-XX:+ParallelRefProcEnabled \
+-XX:MaxGCPauseMillis=250 \
+-XX:+AlwaysPreTouch \
+-XX:+ExplicitGCInvokesConcurrent \
+-XX:+CrashOnOutOfMemoryError \
+-Djava.awt.headless=true \
+-Dlog4j.configurationFile=${solr_log4j_config_file} \
+-Djetty.host=${solr_host} \
+-Djetty.port=${solr_port} \
+-Djetty.home=${solr_install_dir}/server \
+-Dsolr.autoSoftCommit.maxTime=${solr_softcommit_ms} \
+-Dsolr.solr.home=${solr_data_dir} \
+-Dsolr.data.home= \
+-Dsolr.install.dir=${solr_install_dir} \
+-Dsolr.default.confdir=${solr_conf_dir} \
+-jar ${solr_jar} \
+--module=http \
+--module=gzip"
+
+required_files="${solr_config_file} ${solr_log4j_config_file} ${solr_jar}"
+procname="${solr_java_home}/bin/java"
+start_precmd=solr_prestart
+
+solr_prestart(){
+  install -d -m 0755 -o ${solr_user} /var/run/solr
+}
+
+run_rc_command "$1"
diff --git a/files/usr/local/etc/rc.d/tika.imap_server b/files/usr/local/etc/rc.d/tika.imap_server
new file mode 100644
index 0000000..95f1c88
--- /dev/null
+++ b/files/usr/local/etc/rc.d/tika.imap_server
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+# PROVIDE: tika
+# REQUIRE: LOGIN
+# BEFORE: dovecot
+# KEYWORD: shutdown
+
+. /etc/rc.subr
+
+name=tika
+rcvar=tika_enable
+
+load_rc_config "$name"
+
+: ${tika_enable:='NO'}
+: ${tika_host:='127.0.0.1'}
+: ${tika_port:='9998'}
+: ${tika_syslog_priority:='info'}
+: ${tika_syslog_facility:='daemon'}
+
+tika_user=tika
+tika_java_home=/usr/local/openjdk21
+tika_syslog_tag=tika
+tika_jar=/usr/local/tika/tika.jar
+tika_config_file=/usr/local/etc/tika/config.xml
+tika_log4j_config_file=/usr/local/etc/tika/log4j2.xml
+
+pidfile=/var/run/tika/tika.pid
+command=/usr/sbin/daemon
+
+command_args="-f \
+-s ${tika_syslog_priority} \
+-l ${tika_syslog_facility} \
+-T ${tika_syslog_tag} \
+-p ${pidfile} \
+-t tika \
+${tika_java_home}/bin/java \
+-server \
+-Xmx64m \
+-Djava.awt.headless=true \
+-Dlog4j.configurationFile=${tika_log4j_config_file} \
+-jar ${tika_jar} \
+-c ${tika_config_file} \
+-h ${tika_host} \
+-p ${tika_port}"
+
+required_files="${tika_config_file} ${tika_log4j_config_file} ${tika_jar}"
+procname="${tika_java_home}/bin/java"
+start_precmd=tika_prestart
+
+tika_prestart(){
+  install -d -m 0755 -o ${tika_user} /var/run/tika
+}
+
+run_rc_command "$1"
diff --git a/files/usr/local/etc/solr/log4j2.xml.imap_server b/files/usr/local/etc/solr/log4j2.xml.imap_server
new file mode 100644
index 0000000..cabde07
--- /dev/null
+++ b/files/usr/local/etc/solr/log4j2.xml.imap_server
@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Configuration>
+  <Appenders>
+    <Console name="STDOUT" target="SYSTEM_OUT">
+      <PatternLayout>
+        <Pattern>
+          %maxLen{%-5p %c %m%notEmpty{ =>%ex{short}}}{10240}%n
+        </Pattern>
+      </PatternLayout>
+    </Console>
+  </Appenders>
+  <Loggers>
+    <Root level="INFO">
+      <AppenderRef ref="STDOUT"/>
+    </Root>
+  </Loggers>
+</Configuration>
diff --git a/files/usr/local/etc/solr/solrconfig.xml.imap_server b/files/usr/local/etc/solr/solrconfig.xml.imap_server
new file mode 100644
index 0000000..f7a9d7b
--- /dev/null
+++ b/files/usr/local/etc/solr/solrconfig.xml.imap_server
@@ -0,0 +1,280 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<config>
+  <luceneMatchVersion>9.3.0</luceneMatchVersion>
+  <!-- the rest of this file is unchanged from the defaults -->
+  <dataDir>${solr.data.dir:}</dataDir>
+  <directoryFactory name="DirectoryFactory"
+                    class="${solr.directoryFactory:solr.NRTCachingDirectoryFactory}"/>
+  <codecFactory class="solr.SchemaCodecFactory"/>
+  <indexConfig>
+    <lockType>${solr.lock.type:native}</lockType>
+  </indexConfig>
+  <jmx />
+  <updateHandler class="solr.DirectUpdateHandler2">
+    <updateLog>
+      <str name="dir">${solr.ulog.dir:}</str>
+      <int name="numVersionBuckets">${solr.ulog.numVersionBuckets:65536}</int>
+    </updateLog>
+    <autoCommit>
+      <maxTime>${solr.autoCommit.maxTime:15000}</maxTime>
+      <openSearcher>false</openSearcher>
+    </autoCommit>
+    <autoSoftCommit>
+      <maxTime>${solr.autoSoftCommit.maxTime:-1}</maxTime>
+    </autoSoftCommit>
+  </updateHandler>
+
+  <query>
+    <maxBooleanClauses>${solr.max.booleanClauses:1024}</maxBooleanClauses>
+    <filterCache size="512"
+                 initialSize="512"
+                 autowarmCount="0"/>
+    <queryResultCache size="512"
+                      initialSize="512"
+                      autowarmCount="0"/>
+
+    <documentCache size="512"
+                   initialSize="512"
+                   autowarmCount="0"/>
+
+    <cache name="perSegFilter"
+           size="10"
+           initialSize="0"
+           autowarmCount="10"
+           regenerator="solr.NoOpRegenerator" />
+
+    <enableLazyFieldLoading>true</enableLazyFieldLoading>
+
+    <queryResultWindowSize>20</queryResultWindowSize>
+
+    <queryResultMaxDocsCached>200</queryResultMaxDocsCached>
+
+    <listener event="newSearcher" class="solr.QuerySenderListener">
+      <arr name="queries">
+      </arr>
+    </listener>
+    <listener event="firstSearcher" class="solr.QuerySenderListener">
+      <arr name="queries">
+      </arr>
+    </listener>
+
+    <useColdSearcher>false</useColdSearcher>
+  </query>
+
+  <circuitBreakers enabled="true">
+  </circuitBreakers>
+
+
+  <requestDispatcher>
+    <httpCaching never304="true" />
+  </requestDispatcher>
+
+  <requestHandler name="/select" class="solr.SearchHandler">
+    <lst name="defaults">
+      <str name="echoParams">explicit</str>
+      <int name="rows">10</int>
+      <str name="df">hdr</str>
+    </lst>
+  </requestHandler>
+
+  <requestHandler name="/query" class="solr.SearchHandler">
+    <lst name="defaults">
+      <str name="echoParams">explicit</str>
+      <str name="wt">json</str>
+      <str name="indent">true</str>
+    </lst>
+  </requestHandler>
+
+  <initParams path="/update/**,/query,/select,/spell">
+    <lst name="defaults">
+      <str name="df">_text_</str>
+    </lst>
+  </initParams>
+
+  <searchComponent name="spellcheck" class="solr.SpellCheckComponent">
+
+    <str name="queryAnalyzerFieldType">text_general</str>
+
+    <lst name="spellchecker">
+      <str name="name">default</str>
+      <str name="field">_text_</str>
+      <str name="classname">solr.DirectSolrSpellChecker</str>
+      <str name="distanceMeasure">internal</str>
+      <float name="accuracy">0.5</float>
+      <int name="maxEdits">2</int>
+      <int name="minPrefix">1</int>
+      <int name="maxInspections">5</int>
+      <int name="minQueryLength">4</int>
+      <float name="maxQueryFrequency">0.01</float>
+    </lst>
+  </searchComponent>
+
+  <requestHandler name="/spell" class="solr.SearchHandler" startup="lazy">
+    <lst name="defaults">
+      <str name="spellcheck.dictionary">default</str>
+      <str name="spellcheck">on</str>
+      <str name="spellcheck.extendedResults">true</str>
+      <str name="spellcheck.count">10</str>
+      <str name="spellcheck.alternativeTermCount">5</str>
+      <str name="spellcheck.maxResultsForSuggest">5</str>
+      <str name="spellcheck.collate">true</str>
+      <str name="spellcheck.collateExtendedResults">true</str>
+      <str name="spellcheck.maxCollationTries">10</str>
+      <str name="spellcheck.maxCollations">5</str>
+    </lst>
+    <arr name="last-components">
+      <str>spellcheck</str>
+    </arr>
+  </requestHandler>
+
+  <searchComponent name="terms" class="solr.TermsComponent"/>
+
+  <requestHandler name="/terms" class="solr.SearchHandler" startup="lazy">
+    <lst name="defaults">
+      <bool name="terms">true</bool>
+      <bool name="distrib">false</bool>
+    </lst>
+    <arr name="components">
+      <str>terms</str>
+    </arr>
+  </requestHandler>
+
+  <searchComponent class="solr.HighlightComponent" name="highlight">
+    <highlighting>
+      <fragmenter name="gap"
+                  default="true"
+                  class="solr.highlight.GapFragmenter">
+        <lst name="defaults">
+          <int name="hl.fragsize">100</int>
+        </lst>
+      </fragmenter>
+
+      <fragmenter name="regex"
+                  class="solr.highlight.RegexFragmenter">
+        <lst name="defaults">
+          <int name="hl.fragsize">70</int>
+          <float name="hl.regex.slop">0.5</float>
+          <str name="hl.regex.pattern">[-\w ,/\n\&quot;&apos;]{20,200}</str>
+        </lst>
+      </fragmenter>
+
+      <formatter name="html"
+                 default="true"
+                 class="solr.highlight.HtmlFormatter">
+        <lst name="defaults">
+          <str name="hl.simple.pre"><![CDATA[<em>]]></str>
+          <str name="hl.simple.post"><![CDATA[</em>]]></str>
+        </lst>
+      </formatter>
+
+      <encoder name="html"
+               class="solr.highlight.HtmlEncoder" />
+
+      <fragListBuilder name="simple"
+                       class="solr.highlight.SimpleFragListBuilder"/>
+
+      <fragListBuilder name="single"
+                       class="solr.highlight.SingleFragListBuilder"/>
+
+      <fragListBuilder name="weighted"
+                       default="true"
+                       class="solr.highlight.WeightedFragListBuilder"/>
+
+      <fragmentsBuilder name="default"
+                        default="true"
+                        class="solr.highlight.ScoreOrderFragmentsBuilder">
+      </fragmentsBuilder>
+
+      <fragmentsBuilder name="colored"
+                        class="solr.highlight.ScoreOrderFragmentsBuilder">
+        <lst name="defaults">
+          <str name="hl.tag.pre"><![CDATA[
+               <b style="background:yellow">,<b style="background:lawgreen">,
+               <b style="background:aquamarine">,<b style="background:magenta">,
+               <b style="background:palegreen">,<b style="background:coral">,
+               <b style="background:wheat">,<b style="background:khaki">,
+               <b style="background:lime">,<b style="background:deepskyblue">]]></str>
+          <str name="hl.tag.post"><![CDATA[</b>]]></str>
+        </lst>
+      </fragmentsBuilder>
+
+      <boundaryScanner name="default"
+                       default="true"
+                       class="solr.highlight.SimpleBoundaryScanner">
+        <lst name="defaults">
+          <str name="hl.bs.maxScan">10</str>
+          <str name="hl.bs.chars">.,!? &#9;&#10;&#13;</str>
+        </lst>
+      </boundaryScanner>
+
+      <boundaryScanner name="breakIterator"
+                       class="solr.highlight.BreakIteratorBoundaryScanner">
+        <lst name="defaults">
+          <str name="hl.bs.type">WORD</str>
+          <str name="hl.bs.language">en</str>
+          <str name="hl.bs.country">US</str>
+        </lst>
+      </boundaryScanner>
+    </highlighting>
+  </searchComponent>
+
+  <updateProcessor class="solr.UUIDUpdateProcessorFactory" name="uuid"/>
+  <updateProcessor class="solr.RemoveBlankFieldUpdateProcessorFactory" name="remove-blank"/>
+  <updateProcessor class="solr.FieldNameMutatingUpdateProcessorFactory" name="field-name-mutating">
+    <str name="pattern">[^\w-\.]</str>
+    <str name="replacement">_</str>
+  </updateProcessor>
+  <updateProcessor class="solr.ParseBooleanFieldUpdateProcessorFactory" name="parse-boolean"/>
+  <updateProcessor class="solr.ParseLongFieldUpdateProcessorFactory" name="parse-long"/>
+  <updateProcessor class="solr.ParseDoubleFieldUpdateProcessorFactory" name="parse-double"/>
+  <updateProcessor class="solr.ParseDateFieldUpdateProcessorFactory" name="parse-date">
+    <arr name="format">
+      <str>yyyy-MM-dd['T'[HH:mm[:ss[.SSS]][z</str>
+      <str>yyyy-MM-dd['T'[HH:mm[:ss[,SSS]][z</str>
+      <str>yyyy-MM-dd HH:mm[:ss[.SSS]][z</str>
+      <str>yyyy-MM-dd HH:mm[:ss[,SSS]][z</str>
+      <str>[EEE, ]dd MMM yyyy HH:mm[:ss] z</str>
+      <str>EEEE, dd-MMM-yy HH:mm:ss z</str>
+      <str>EEE MMM ppd HH:mm:ss [z ]yyyy</str>
+    </arr>
+  </updateProcessor>
+  <updateProcessor class="solr.AddSchemaFieldsUpdateProcessorFactory" name="add-schema-fields">
+    <lst name="typeMapping">
+      <str name="valueClass">java.lang.String</str>
+      <str name="fieldType">text_general</str>
+      <lst name="copyField">
+        <str name="dest">*_str</str>
+        <int name="maxChars">256</int>
+      </lst>
+      <bool name="default">true</bool>
+    </lst>
+    <lst name="typeMapping">
+      <str name="valueClass">java.lang.Boolean</str>
+      <str name="fieldType">booleans</str>
+    </lst>
+    <lst name="typeMapping">
+      <str name="valueClass">java.util.Date</str>
+      <str name="fieldType">pdates</str>
+    </lst>
+    <lst name="typeMapping">
+      <str name="valueClass">java.lang.Long</str>
+      <str name="valueClass">java.lang.Integer</str>
+      <str name="fieldType">plongs</str>
+    </lst>
+    <lst name="typeMapping">
+      <str name="valueClass">java.lang.Number</str>
+      <str name="fieldType">pdoubles</str>
+    </lst>
+  </updateProcessor>
+
+  <updateRequestProcessorChain name="add-unknown-fields-to-the-schema" default="${update.autoCreateFields:true}"
+           processor="uuid,remove-blank,field-name-mutating,parse-boolean,parse-long,parse-double,parse-date,add-schema-fields">
+    <processor class="solr.LogUpdateProcessorFactory"/>
+    <processor class="solr.DistributedUpdateProcessorFactory"/>
+    <processor class="solr.RunUpdateProcessorFactory"/>
+  </updateRequestProcessorChain>
+
+  <queryResponseWriter name="json" class="solr.JSONResponseWriter">
+    <str name="content-type">text/plain; charset=UTF-8</str>
+  </queryResponseWriter>
+</config>
diff --git a/files/usr/local/etc/sudoers.d/acme.smtp_server b/files/usr/local/etc/sudoers.d/acme.smtp_server
new file mode 100644
index 0000000..5180fdc
--- /dev/null
+++ b/files/usr/local/etc/sudoers.d/acme.smtp_server
@@ -0,0 +1 @@
+acme ALL=(root) NOPASSWD: /usr/sbin/service postfix reload
diff --git a/files/usr/local/etc/tika/config.xml.imap_server b/files/usr/local/etc/tika/config.xml.imap_server
new file mode 100644
index 0000000..22fe638
--- /dev/null
+++ b/files/usr/local/etc/tika/config.xml.imap_server
@@ -0,0 +1,21 @@
+<properties>
+  <server>
+    <params>
+      <javaPath>/usr/local/bin/java</javaPath>
+      <returnStackTrace>false</returnStackTrace>
+      <forkedJvmArgs>
+        <arg>-Xmx${tika_heap_size}</arg>
+        <arg>-XX:+UseG1GC</arg>
+        <arg>-XX:+PerfDisableSharedMem</arg>
+        <arg>-XX:+ParallelRefProcEnabled</arg>
+        <arg>-XX:MaxGCPauseMillis=250</arg>
+        <arg>-XX:+AlwaysPreTouch</arg>
+        <arg>-Dlog4j.configurationFile=${tika_conf_dir}/log4j2.xml</arg>
+      </forkedJvmArgs>
+      <endpoints>
+        <endpoint>tika</endpoint>
+        <endpoint>status</endpoint>
+      </endpoints>
+    </params>
+  </server>
+</properties>
diff --git a/files/usr/local/etc/tika/log4j2.xml.imap_server b/files/usr/local/etc/tika/log4j2.xml.imap_server
new file mode 100644
index 0000000..cabde07
--- /dev/null
+++ b/files/usr/local/etc/tika/log4j2.xml.imap_server
@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Configuration>
+  <Appenders>
+    <Console name="STDOUT" target="SYSTEM_OUT">
+      <PatternLayout>
+        <Pattern>
+          %maxLen{%-5p %c %m%notEmpty{ =>%ex{short}}}{10240}%n
+        </Pattern>
+      </PatternLayout>
+    </Console>
+  </Appenders>
+  <Loggers>
+    <Root level="INFO">
+      <AppenderRef ref="STDOUT"/>
+    </Root>
+  </Loggers>
+</Configuration>
diff --git a/files/usr/local/libexec/dovecot/quota-warning.sh.imap_server b/files/usr/local/libexec/dovecot/quota-warning.sh.imap_server
new file mode 100644
index 0000000..96419f5
--- /dev/null
+++ b/files/usr/local/libexec/dovecot/quota-warning.sh.imap_server
@@ -0,0 +1,20 @@
+#!/bin/sh
+
+set -eu -o pipefail
+
+PERCENT=$1
+USER=$2
+FROM=$3
+
+cat << EOF | /usr/libexec/dovecot/dovecot-lda -d "$USER" -o "plugin/quota=count:User quota:noenforcing"
+From: ${FROM}
+Subject: Mailbox quota warning
+
+This is an automatically generated message.
+
+Your mailbox is now ${PERCENT}% full.
+
+When your mailbox exceeds its quota, you will no longer receive new mail.
+
+Please delete some messages to free up space.
+EOF
diff --git a/files/usr/local/libexec/dovecot/sieve-pipe/report-ham.sh.imap_server b/files/usr/local/libexec/dovecot/sieve-pipe/report-ham.sh.imap_server
new file mode 100644
index 0000000..e09674a
--- /dev/null
+++ b/files/usr/local/libexec/dovecot/sieve-pipe/report-ham.sh.imap_server
@@ -0,0 +1,7 @@
+#!/bin/sh
+
+exec /usr/local/bin/rspamc \\
+  --connect="${rspamd_host}.${domain}" \\
+  --password="${rspamd_rw_password}" \\
+  --key="${rspamd_pubkey}" \\
+  learn_ham
diff --git a/files/usr/local/libexec/dovecot/sieve-pipe/report-spam.sh.imap_server b/files/usr/local/libexec/dovecot/sieve-pipe/report-spam.sh.imap_server
new file mode 100644
index 0000000..825113f
--- /dev/null
+++ b/files/usr/local/libexec/dovecot/sieve-pipe/report-spam.sh.imap_server
@@ -0,0 +1,7 @@
+#!/bin/sh
+
+exec /usr/local/bin/rspamc \\
+  --connect="${rspamd_host}.${domain}" \\
+  --password="${rspamd_rw_password}" \\
+  --key="${rspamd_pubkey}" \\
+  learn_spam
diff --git a/files/var/db/solr/dovecot/conf/schema.xml.imap_server b/files/var/db/solr/dovecot/conf/schema.xml.imap_server
new file mode 100644
index 0000000..601a290
--- /dev/null
+++ b/files/var/db/solr/dovecot/conf/schema.xml.imap_server
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<schema name="dovecot" version="2.0">
+  <fieldType name="string" class="solr.StrField" omitNorms="true" sortMissingLast="true"/>
+  <fieldType name="long" class="solr.LongPointField" positionIncrementGap="0"/>
+  <fieldType name="boolean" class="solr.BoolField" sortMissingLast="true"/>
+
+  <fieldType name="text" class="solr.TextField" autoGeneratePhraseQueries="true" positionIncrementGap="100">
+    <analyzer type="index">
+      <tokenizer class="solr.StandardTokenizerFactory"/>
+      <filter class="solr.StopFilterFactory" words="stopwords.txt" ignoreCase="true"/>
+      <filter class="solr.WordDelimiterGraphFilterFactory" catenateNumbers="1" generateNumberParts="1" splitOnCaseChange="1" generateWordParts="1" splitOnNumerics="1" catenateAll="1" catenateWords="1"/>
+      <filter class="solr.FlattenGraphFilterFactory"/>
+      <filter class="solr.LowerCaseFilterFactory"/>
+      <filter class="solr.KeywordMarkerFilterFactory" protected="protwords.txt"/>
+      <filter class="solr.PorterStemFilterFactory"/>
+    </analyzer>
+    <analyzer type="query">
+      <tokenizer class="solr.StandardTokenizerFactory"/>
+      <filter class="solr.SynonymGraphFilterFactory" expand="true" ignoreCase="true" synonyms="synonyms.txt"/>
+      <filter class="solr.FlattenGraphFilterFactory"/>
+      <filter class="solr.StopFilterFactory" words="stopwords.txt" ignoreCase="true"/>
+      <filter class="solr.WordDelimiterGraphFilterFactory" catenateNumbers="1" generateNumberParts="1" splitOnCaseChange="1" generateWordParts="1" splitOnNumerics="1" catenateAll="1" catenateWords="1"/>
+      <filter class="solr.LowerCaseFilterFactory"/>
+      <filter class="solr.KeywordMarkerFilterFactory" protected="protwords.txt"/>
+      <filter class="solr.PorterStemFilterFactory"/>
+    </analyzer>
+  </fieldType>
+
+  <field name="id" type="string" indexed="true" required="true" stored="true"/>
+  <field name="uid" type="long" indexed="true" required="true" stored="true"/>
+  <field name="box" type="string" indexed="true" required="true" stored="true"/>
+  <field name="user" type="string" indexed="true" required="true" stored="true"/>
+
+  <field name="hdr" type="text" indexed="true" stored="false"/>
+  <field name="body" type="text" indexed="true" stored="false"/>
+
+  <field name="from" type="text" indexed="true" stored="false"/>
+  <field name="to" type="text" indexed="true" stored="false"/>
+  <field name="cc" type="text" indexed="true" stored="false"/>
+  <field name="bcc" type="text" indexed="true" stored="false"/>
+  <field name="subject" type="text" indexed="true" stored="false"/>
+
+  <!-- Used by Solr internally: -->
+  <field name="_version_" type="long" indexed="true" stored="true"/>
+
+  <uniqueKey>id</uniqueKey>
+</schema>
diff --git a/files/var/db/solr/dovecot/conf/solrconfig.xml.imap_server b/files/var/db/solr/dovecot/conf/solrconfig.xml.imap_server
new file mode 100644
index 0000000..918a755
--- /dev/null
+++ b/files/var/db/solr/dovecot/conf/solrconfig.xml.imap_server
@@ -0,0 +1,91 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+
+<config>
+  <luceneMatchVersion>9.3.0</luceneMatchVersion>
+
+  <lib dir="${solr.install.dir:../../../..}/contrib/extraction/lib" regex=".*\.jar" />
+  <lib dir="${solr.install.dir:../../../..}/dist/" regex="solr-cell-\d.*\.jar" />
+
+  <lib dir="${solr.install.dir:../../../..}/contrib/clustering/lib/" regex=".*\.jar" />
+  <lib dir="${solr.install.dir:../../../..}/dist/" regex="solr-clustering-\d.*\.jar" />
+
+  <lib dir="${solr.install.dir:../../../..}/contrib/langid/lib/" regex=".*\.jar" />
+  <lib dir="${solr.install.dir:../../../..}/dist/" regex="solr-langid-\d.*\.jar" />
+
+  <lib dir="${solr.install.dir:../../../..}/contrib/velocity/lib" regex=".*\.jar" />
+  <lib dir="${solr.install.dir:../../../..}/dist/" regex="solr-velocity-\d.*\.jar" />
+
+  <dataDir>${solr.data.dir:}</dataDir>
+
+  <updateHandler class="solr.DirectUpdateHandler2">
+
+    <updateLog>
+      <str name="dir">${solr.ulog.dir:}</str>
+      <int name="numVersionBuckets">${solr.ulog.numVersionBuckets:65536}</int>
+    </updateLog>
+
+    <autoCommit>
+      <maxTime>${solr.autoCommit.maxTime:15000}</maxTime>
+      <openSearcher>false</openSearcher>
+    </autoCommit>
+
+    <autoSoftCommit>
+      <maxTime>${solr.autoSoftCommit.maxTime:-1}</maxTime>
+    </autoSoftCommit>
+
+  </updateHandler>
+
+  <query>
+    <filterCache class="solr.CaffeineCache"
+                 size="512"
+                 initialSize="512"
+                 autowarmCount="0"/>
+
+    <queryResultCache class="solr.CaffeineCache"
+                      size="512"
+                      initialSize="512"
+                      autowarmCount="0"/>
+
+    <documentCache class="solr.CaffeineCache"
+                   size="512"
+                   initialSize="512"
+                   autowarmCount="0"/>
+
+    <cache name="perSegFilter"
+           class="solr.search.CaffeineCache"
+           size="10"
+           initialSize="0"
+           autowarmCount="10"
+           regenerator="solr.NoOpRegenerator" />
+
+    <enableLazyFieldLoading>true</enableLazyFieldLoading>
+
+    <queryResultWindowSize>20</queryResultWindowSize>
+
+    <queryResultMaxDocsCached>200</queryResultMaxDocsCached>
+
+    <useColdSearcher>false</useColdSearcher>
+
+  </query>
+
+  <requestDispatcher>
+    <httpCaching never304="true" />
+  </requestDispatcher>
+
+  <requestHandler name="/select" class="solr.SearchHandler">
+    <lst name="defaults">
+      <str name="echoParams">explicit</str>
+      <int name="rows">10</int>
+    </lst>
+  </requestHandler>
+
+  <initParams path="/update/**,/select">
+    <lst name="defaults">
+      <str name="df">_text_</str>
+    </lst>
+  </initParams>
+
+  <queryResponseWriter name="xml"
+                       default="true"
+                       class="solr.XMLResponseWriter" />
+</config>
diff --git a/files/var/db/solr/solr.xml.imap_server b/files/var/db/solr/solr.xml.imap_server
new file mode 100644
index 0000000..1778390
--- /dev/null
+++ b/files/var/db/solr/solr.xml.imap_server
@@ -0,0 +1,76 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements.  See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License.  You may obtain a copy of the License at
+
+     http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+
+<!--
+   This is an example of a simple "solr.xml" file for configuring one or
+   more Solr Cores, as well as allowing Cores to be added, removed, and
+   reloaded via HTTP requests.
+
+   More information about options available in this configuration file,
+   and Solr Core administration can be found online:
+   https://solr.apache.org/guide/solr/latest/configuration-guide/configuring-solr-xml.html
+-->
+
+<solr>
+
+  <int name="maxBooleanClauses">${solr.max.booleanClauses:1024}</int>
+  <str name="sharedLib">${solr.sharedLib:}</str>
+  <str name="modules">${solr.modules:}</str>
+  <str name="allowPaths">${solr.allowPaths:}</str>
+  <str name="allowUrls">${solr.allowUrls:}</str>
+
+  <solrcloud>
+
+    <str name="host">${host:}</str>
+    <int name="hostPort">${solr.port.advertise:0}</int>
+    <str name="hostContext">${hostContext:solr}</str>
+
+    <bool name="genericCoreNodeNames">${genericCoreNodeNames:true}</bool>
+
+    <int name="zkClientTimeout">${zkClientTimeout:30000}</int>
+    <int name="distribUpdateSoTimeout">${distribUpdateSoTimeout:600000}</int>
+    <int name="distribUpdateConnTimeout">${distribUpdateConnTimeout:60000}</int>
+    <str name="zkCredentialsProvider">${zkCredentialsProvider:org.apache.solr.common.cloud.DefaultZkCredentialsProvider}</str>
+    <str name="zkACLProvider">${zkACLProvider:org.apache.solr.common.cloud.DefaultZkACLProvider}</str>
+    <str name="zkCredentialsInjector">${zkCredentialsInjector:org.apache.solr.common.cloud.DefaultZkCredentialsInjector}</str>
+    <bool name="distributedClusterStateUpdates">${distributedClusterStateUpdates:false}</bool>
+    <bool name="distributedCollectionConfigSetExecution">${distributedCollectionConfigSetExecution:false}</bool>
+    <int name="minStateByteLenForCompression">${minStateByteLenForCompression:-1}</int>
+    <str name="stateCompressor">${stateCompressor:org.apache.solr.common.util.ZLibCompressor}</str>
+
+  </solrcloud>
+
+  <shardHandlerFactory name="shardHandlerFactory"
+    class="HttpShardHandlerFactory">
+    <int name="socketTimeout">${socketTimeout:600000}</int>
+    <int name="connTimeout">${connTimeout:60000}</int>
+  </shardHandlerFactory>
+
+  <metrics enabled="${metricsEnabled:true}">
+    <!--    Solr computes JVM metrics for threads. Computing these metrics, esp. computing deadlocks etc.,
+     requires potentially expensive computations, and can be avoided for every metrics call by
+     setting a high caching expiration interval (in seconds).
+      <caching>
+        <int name="threadsIntervalSeconds">5</int>
+      </caching>
+    -->
+    <!--reporter name="jmx_metrics" group="core" class="org.apache.solr.metrics.reporters.SolrJmxReporter"/-->
+  </metrics>
+
+
+</solr>
-- 
cgit v1.2.3