From afa0d351c12ee15c0f3f836df6fbe4c4019098d6 Mon Sep 17 00:00:00 2001 From: Timo Sirainen Date: Thu, 28 Nov 2024 10:16:42 +0200 Subject: [PATCH 1/4] settings: ssl_cert_file has no default path --- data/settings.js | 1 - 1 file changed, 1 deletion(-) diff --git a/data/settings.js b/data/settings.js index 68f522397..21e121206 100644 --- a/data/settings.js +++ b/data/settings.js @@ -10093,7 +10093,6 @@ auth_ssl_require_client_cert = yes }, ssl_cert_file: { - default: ' Date: Thu, 28 Nov 2024 10:19:24 +0200 Subject: [PATCH 2/4] man/doveconf: Change -x example to use ssl_key_password --- docs/core/man/doveconf.1.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/core/man/doveconf.1.md b/docs/core/man/doveconf.1.md index a4a9d247e..a9652e361 100644 --- a/docs/core/man/doveconf.1.md +++ b/docs/core/man/doveconf.1.md @@ -94,7 +94,7 @@ configuration in easy human readable output. **-x** : Expand configuration variables (e.g. `$ENV:foo`) and show file contents - (from e.g. `ssl_cert = \ Date: Thu, 28 Nov 2024 10:21:49 +0200 Subject: [PATCH 3/4] config/guides/quick: Remove hint about using dovecot.conf * Usually it does not matter in which file you write the setting. You only need to be aware that later settings replace earlier ones. If you use the same section multiple times, the settings are merged together. -* To read the content of a file, for instance for the SSL certificate option, - prefix the filename with a `<`, e.g.: - -```[dovecot.conf] -ssl_cert_file = /etc/ssl/certs/imap.pem -``` ## Authentication From b1e29cb174dbb3e01c6fffb2b5917caea93b7c9e Mon Sep 17 00:00:00 2001 From: Timo Sirainen Date: Thu, 28 Nov 2024 10:27:43 +0200 Subject: [PATCH 4/4] config/guides/quick: More simplifications and tweaks --- docs/core/config/guides/quick.md | 29 ++++++++++++----------------- 1 file changed, 12 insertions(+), 17 deletions(-) diff --git a/docs/core/config/guides/quick.md b/docs/core/config/guides/quick.md index d943ca5c7..4616ade16 100644 
--- a/docs/core/config/guides/quick.md +++ b/docs/core/config/guides/quick.md @@ -104,9 +104,8 @@ doveconf -nP > dovecot.conf ## Authentication -By default, Dovecot is setup to use system user authentication. -You'll probably be using PAM authentication. See the page [[link,auth_pam]] -for how to configure it. +The above example configures Dovecot to use PAM for system user authentication. +See [[link,auth_pam]] for how to configure it. A typical configuration with Linux would be to create `/etc/pam.d/dovecot` which contains: @@ -126,8 +125,8 @@ Later when you know Dovecot is working, you can do it differently (see Run as your own non-root user: ```sh -echo "$USER:{PLAIN}password:$UID:$GID::$HOME" > users -sudo mv users /etc/dovecot/ +echo "$USER:{PLAIN}password" > passwd +sudo mv passwd /etc/dovecot/ # If SELinux is enabled: restorecon -v /etc/dovecot/users @@ -138,21 +137,17 @@ wish to use, but don't use any important password here as we'll be logging in with insecure plaintext authentication until [[link,ssl]] is configured. -Switch to passwd-file authentication by adding to `dovecot.conf`: +Switch to passwd-file authentication by replacing `passdb pam` in +`dovecot.conf` with `passdb passwd-file`: ``` passdb passwd-file { - default_password_scheme = CRYPT - passwd_file_path = /etc/dovecot/users -} - -userdb passwd-file { - passwd_file_path = /etc/dovecot/users + passwd_file_path = /etc/dovecot/passwd } ``` -Verify with `doveconf -n passdb userdb` that the output looks like -above (and there are no other passdbs or userdbs). +Verify with `doveconf -n passdb` that the output looks like +above (and there are no other passdbs and no userdbs). If you're using something else, see [[link,passdb]] and [[link,userdb]]. 
@@ -183,10 +178,10 @@ them than the defaults.
 
 ## SSL and Plaintext Authentication
 
-If you intend to use SSL, set [[setting,ssl_cert_file]] and
-[[setting,ssl_key_file]] settings. Otherwise set [[setting,ssl,no]].
+Configure SSL certificate and private key paths with [[setting,ssl_cert_file]]
+and [[setting,ssl_key_file]] settings.
 
-Easiest way to get SSL certificates built is to use Dovecot's
+An easy way to build a self-signed test certificate is using Dovecot's
 `doc/mkcert.sh` script. For more information see [[link,ssl_configuration]].
 
 By default [[setting,auth_allow_cleartext,no]], which means that Dovecot