global: Update variable syntax

Author: cmouse

.github/actions/spelling/allow.txt

@@ -25,3 +25,8 @@ spnego
 ssh
 ubuntu
 workarounds
+lfill
+ond
+retuns
+rfill
+Uppercases

data/settings.js

@@ -4333,7 +4333,7 @@ If \`no\`, there will be no report for the authentication result.`
 	},
 
 	auth_policy_request_attributes: {
-		default: 'login=%{requested_username} pwhash=%{hashed_password} remote=%{rip} device_id=%{client_id} protocol=%{protocol} session_id=%{session} fail_type=%{fail_type}',
+		default: 'login=%{requested_username} pwhash=%{hashed_password} remote=%{remote_ip} device_id=%{client_id} protocol=%{protocol} session_id=%{session} fail_type=%{fail_type}',
 		changed: {
 			settings_auth_policy_request_attributes_changed: `
 Default has changed.`
@@ -7095,8 +7095,8 @@ The details of how this setting works depends on the used protocol:
 :   ID command can be used to override:
 
     * Session ID
-    * Client IP and port (\`%{rip}\`, \`%{rport}\`)
-    * Server IP and port (\`%{lip}\`, \`%{lport}\`)
+    * Client IP and port (\`%{remote_ip}\`, \`%{remote_port}\`)
+    * Server IP and port (\`%{local_ip}\`, \`%{local_port}\`)
 
     \`forward_*\` fields can be sent to auth process's passdb lookup
 
@@ -7107,7 +7107,7 @@ The details of how this setting works depends on the used protocol:
 :   XCLIENT command can be used to override:
 
     * Session ID
-    * Client IP and port (\`%{rip}\`, \`%{rport}\`)
+    * Client IP and port (\`%{remote_ip}\`, \`%{remote_port}\`)
 
     \`forward_*\` fields can be sent to auth process's passdb lookup
 
@@ -7118,7 +7118,7 @@ The details of how this setting works depends on the used protocol:
 :   XCLIENT command can be used to override:
 
     * Session ID
-    * Client IP and port (\`%{rip}\`, \`%{rport}\`)
+    * Client IP and port (\`%{remote_ip}\`, \`%{remote_port}\`)
 
     The trust is always checked against the connecting IP address.
     Except if HAProxy is used, then the original client IP address is used.
@@ -7127,7 +7127,7 @@ The details of how this setting works depends on the used protocol:
 :   XCLIENT command can be used to override:
 
     * Session ID
-    * Client IP and port (\`%{rip}\`, \`%{rport}\`)
+    * Client IP and port (\`%{remote_ip}\`, \`%{remote_port}\`)
     * HELO - Overrides what the client sent earlier in the EHLO command
     * LOGIN - Currently unused
     * PROTO - Currently unused
@@ -7141,7 +7141,7 @@ The details of how this setting works depends on the used protocol:
 :   XCLIENT command can be used to override:
 
     * Session ID
-    * Client IP and port (\`%{rip}\`, \`%{rport}\`)
+    * Client IP and port (\`%{remote_ip}\`, \`%{remote_port}\`)
     * HELO - Overrides what the client sent earlier in the LHLO command
     * LOGIN - Currently unused
     * PROTO - Currently unused
@@ -8700,7 +8700,7 @@ Configures a modifier string for values grouped by the
 \`%{value}\`
 :   The original value.
 
-\`%{domain}\`
+\`%{user | domain}\`
 :   If the value is in \`user@domain\` format, this contains the \`domain\`
     text. Otherwise empty.`
 	},

docs/core/admin/migration.md

@@ -213,22 +213,22 @@ Common settings:
 Master password auth:
 
 ```
-imapc_user = %u
+imapc_user = %{user}
 imapc_password = supersecret
 ```
 
 Master user auth:
 
 ```
-imapc_user = %u
+imapc_user = %{user}
 imapc_master_user = master-user
 imapc_password = master-password
 ```
 
 Individual password auth:
 
 ```
-imapc_user = %u
+imapc_user = %{user}
 
 # doveadm -o imapc_password=password backup -Ru user imapc:
 ```
@@ -250,7 +250,7 @@ pop3c_host = hostname
 # Authenticate as masteruser / masteruser-secret, but use a separate login
 # user.
 # If you don't have a master user, remove the pop3c_master_user setting.
-pop3c_user = %u
+pop3c_user = %{user}
 pop3c_master_user = masteruser
 pop3c_password = masteruser-secret
 

docs/core/admin/rawlog.md

@@ -99,7 +99,7 @@ If your userdb can't return a home directory directly, you can add:
 userdb db1 {
   # ...
   fields {
-    home = /home/%u
+    home = /home/%{user}
     # or temporarily even e.g. home = /tmp/temp-home
   }
 }

docs/core/admin/testing.md

@@ -259,7 +259,7 @@ System configuration
 Enable LMTP delivery times in the configuration:
 
 ```[dovecot.conf]
-deliver_log_format = msgid=%m from=<%f> size=%p vsize=%w session=%{session_time}ms delivery=%{delivery_time}ms: %$
+deliver_log_format = msgid=%{msgid} from=<%{from}> size=%{size} vsize=%{vsize} session=%{session_time}ms delivery=%{delivery_time}ms: %{message}
 ```
 
 You can then see log entries like:
@@ -332,7 +332,7 @@ total_user_count = 800
 rampup_time = 0s
 
 user lmtptest {
-  username_format = testuser%n
+  username_format = testuser%{num}
   count = 100%
 
   mail_inbox_delivery_interval = 1s
@@ -390,7 +390,7 @@ total_user_count = 2000000
 rampup_time = 600s
 
 user pop3 {
-  username_format = testuser%7n
+  username_format = testuser%{num | fill('0', 7)}
   username_start_index = 1
   count = 100%
 
@@ -433,7 +433,7 @@ total_user_count = 4000000
 rampup_time = 60s
 
 user imap_poweruser {
-  username_format = testuser%7n
+  username_format = testuser%{num | fill('0', 7)}
   username_start_index = 2000000
   count = 50%
 

docs/core/config/auth/databases/ldap.md

@@ -83,7 +83,7 @@ $ ldapmodify -Q -Y EXTERNAL -H ldapi:/// -f doveauth_access.ldif
 The two important settings in password lookups are:
 
 - [[setting,ldap_filter]] specifies the LDAP filter how user is found from the
-  LDAP. You can use all the normal [[variable]] like `%u` in the filter.
+  LDAP. You can use all the normal [[variable]] like `%{user}` in the filter.
 
 - [[setting,passdb_fields]] specifies a list of attributes that are returned and
   how to produce the returned value.
@@ -133,7 +133,7 @@ to the same case as it's in the LDAP database. You can do this by
 returning "user" field in [[setting,passdb_fields]] setting, as shown in the above example.
 
 If you can't normalize the username in LDAP, you can alternatively
-lowercase the username via [[setting,auth_username_format,%Lu]].
+lowercase the username via [[setting,auth_username_format,%{user | lower}]].
 
 #### Use Worker
 
@@ -160,7 +160,7 @@ A typical configuration would look like:
   passdb ldap {
     bind = no
     default_password_scheme = MD5
-    ldap_filter = (&(objectClass=posixAccount)(uid=%u))
+    ldap_filter = (&(objectClass=posixAccount)(uid=%{user}))
     fields {
       user = %{ldap:uid}
       password = %{ldap:userPassword}
@@ -201,7 +201,7 @@ Example:
 ```[dovecot.conf]
   passdb ldap {
     bind = yes
-    ldap_filter = (&(objectClass=posixAccount)(uid=%u))
+    ldap_filter = (&(objectClass=posixAccount)(uid=%{user}))
     fields {
       user = %{ldap:uid}
     }
@@ -224,14 +224,14 @@ so the prefetch optimization doesn't help.
 If you're using DN template, [[setting,passdb_fields]] and [[setting,ldap_filter]] settings
 are completely ignored. That means you can't make passdb return any
 [[link,passdb_extra_fields]]. You should also set
-[[setting,auth_username_format,%Lu]] in `dovecot.conf` to normalize the
+[[setting,auth_username_format,%{user | lower}]] in `dovecot.conf` to normalize the
 username by lowercasing it.
 
 ::: code-group
 ```[dovecot.conf]
   passdb ldap {
     bind = yes
-    bind_userdn = cn=%u,ou=people,o=org
+    bind_userdn = cn=%{user},ou=people,o=org
   }
 ```
 :::
@@ -355,7 +355,7 @@ The most important settings are:
 
 ::: code-group
 ```[dovecot.conf]
-  passdb_ldap_bind_userdn = %u
+  passdb_ldap_bind_userdn = %{user}
   passdb_ldap_bind = yes
 ```
 :::
@@ -403,15 +403,15 @@ distinct values inside each [[setting,passdb]] / [[setting,userdb]] section):
 
 ::: code-group
 ```[dovecot.conf]
-ldap_filter = (mailRoutingAddress=%u)
+ldap_filter = (mailRoutingAddress=%{user})
 ```
 :::
 
 - How to iterate through all the valid usernames:
 
 ::: code-group
 ```[dovecot.conf]
-  ldap_filter = (mailRoutingAddress=%u)
+  ldap_filter = (mailRoutingAddress=%{user})
   ldap_iterate_filter = (objectClass=messageStoreRecipient)
   iterate_fields {
     user = %{ldap:mailRoutingAddress}
@@ -434,7 +434,7 @@ The following variables can be used inside the [[setting,passdb]] / [[setting,us
 | `%{ldap_multi:attrName:::default}` | [[added,ldap_multi_added]] How to specify a column `":"` as separator, default explicitly defined. |
 | `%{ldap_multi:attrName:,}` | [[added,ldap_multi_added]] How to specify a comma `","` as separator, default is `""`. |
 | `%{ldap_multi:attrName:,:default}` | [[added,ldap_multi_added]] How to specify a comma `","` as separator, default explicitly defined. |
-| `%{ldap_dn}` | Retrieves the Distinguished Name of the entry. |
+| `%{ldap:dn}` | Retrieves the Distinguished Name of the entry. |
 
 ### Multiple Queries via userdbs
 
@@ -463,7 +463,7 @@ userdb ldap2 {
 
 ### Variables and Domains
 
-User names and domains may be distinguished using the Variables `%n` and `%d`.
+User names and domains may be distinguished using the Variables `%{user | username}` and `%{user | domain}`.
 They split the previous username at the `@` character.
 
 The previous username is:
@@ -477,19 +477,19 @@ The previous username is:
   If the (LDAP) password database has:
   ```
   fields {
-    user = %n
+    user = %{user | username}
   }
   ```
   then the domain part of the login name will be stripped by the password database.
 
-- The userdb will not see any domain part, i.e. `%n` and `%u` are the same
+- The userdb will not see any domain part, i.e. `%{user | username}` and `%{user}` are the same
   thing for the userdb. The userdb may set a new username, too, using:
   ```
   fields {
     user = ...
   }
   ```
-  This will be used for Logging `%u` and `%d`
+  This will be used for Logging `%{user}` and `%{user | domain}`
   variables in other parts of the configuration (e.g. quota file names).
 
 ::: code-group
@@ -540,7 +540,7 @@ them globally with [[setting,mail_uid]] and [[setting,mail_gid]] settings instea
 returning them from LDAP.
 
 ```
-ldap_filter = (&(objectClass=posixAccount)(uid=%u))
+ldap_filter = (&(objectClass=posixAccount)(uid=%{user}))
 ldap_iterate_filter = (objectClass=posixAccount)
 fields {
     home = %{ldap:homeDirectory}
@@ -580,12 +580,12 @@ fields {
 ```
 
 You can add static fields that aren't looked up from LDAP. For example
-create a "mail_path" field with value `/var/vmail/%d/%n/Maildir`:
+create a "mail_path" field with value `/var/vmail/%{user | domain}/%{user | username}/Maildir`:
 
 ```
 fields {
     quota_storage_size = %{ldap:quotaBytes}B
-    mail_path = /var/vmail/%d/%n/Maildir
+    mail_path = /var/vmail/%{user | domain}/%{user | username}/Maildir
 }
 ```
 
@@ -596,17 +596,17 @@ userDomain attribute doesn't exist, example.com is used instead.
 ### Variables and Domains
 
 User names and domains may be distinguished using the [[variable]]
-`%n` and `%d`. They split the *previous username* at the "@" character. The
+`%{user | username}` and `%{user | domain}`. They split the *previous username* at the "@" character. The
 *previous username* is:
 
 - For LMTP, it will be `user@hostname`, where hostname depends on e.g.
   the Postfix configuration.
 
 - For IMAP, it will be whatever the password database has designated as
   the username. If the (LDAP) password database [[setting,passdb_fields ]]
-  contains `user=%n`, then the domain part of the login name will be stripped by
+  contains `user=%{user | username}`, then the domain part of the login name will be stripped by
   the password database. The userdb will not see any domain part, i.e.
-  %n and %u are the same thing for the userdb.
+  %{user | username} and %{user} are the same thing for the userdb.
 
 The userdb may set a new username, too, using
 ```
@@ -619,5 +619,5 @@ This will be used for:
 
 - Logging
 
-- `%u` and `%d` variables in other parts of the configuration (e.g. quota
+- `%{user}` and `%{user | domain}` variables in other parts of the configuration (e.g. quota
   file names)

docs/core/config/auth/databases/lua.md

@@ -56,7 +56,7 @@ function auth_passdb_lookup(req)
 end
 
 function auth_passdb_get_cache_key()
-  return "%{username}\t%{protocol}"
+  return "%{user | username}\t%{protocol}"
 end
 ```
 :::

docs/core/config/auth/databases/oauth2.md

@@ -100,8 +100,8 @@ passdb static {
   fields {
     nopassword = yes
     proxy = yes
-    proxy_mech = %m
-    # ...
+    proxy_mech = %{mechanism}
+        # ...
   }
 }
 ```
@@ -113,7 +113,7 @@ oauth2 {
   # ...
   fields {
     proxy = y
-    proxy_mech = %m
+    proxy_mech = %{mech}
   }
 }
 ```

docs/core/config/auth/databases/passwd.md

@@ -33,9 +33,9 @@ For example:
 ```[dovecot.conf]
 userdb passwd {
   fields {
-    home = /var/mail/%{username}
+    home = /var/mail/%{user | username}
     mail_driver = maildir
-    mail_path = /var/mail/%{username}/Maildir
+    mail_path = /var/mail/%{user | username}/Maildir
   }
 }
 ```
@@ -53,9 +53,9 @@ userdb passwd {
   fields {
     uid = %{passwd:uid:vmail}
     gid = %{passwd:gid:vmail}
-    home = /var/mail/%{username}
+    home = /var/mail/%{user | username}
     mail_driver = maildir
-    mail_path = /var/mail/%{username}/Maildir
+    mail_path = /var/mail/%{user | username}/Maildir
   }
 }
 ```