obox: azure: Add a hint that SHARED_KEY can be passed base64 encoded …

…or hex escaped
mbettini-ox · Feb 14, 2024 · 0cb38cf · 0cb38cf
1 parent 2826c33
commit 0cb38cf
Showing 1 changed file with 10 additions and 0 deletions.
diff --git a/source/configuration_manual/mail_location/obox/azure.rst b/source/configuration_manual/mail_location/obox/azure.rst
@@ -27,6 +27,16 @@ The parameters are:
           different from what is used in Microsoft documentation. This is
           especially relevant for the position of ACCOUNTNAME and CONTAINERNAME.
 
+If the ``SHARED_KEY`` or ``ACCOUNTNAME`` contains any special characters, they can be %hex-encoded.
+The ``SHARED_KEY`` can be alternatively be passed base64 encoded as shown above ``SHARED_KEY_BASE64``
+
+.. Note::
+
+  ``dovecot.conf`` handles :ref:`%variable <config_variables>` expansion internally as well, so % needs
+  to be escaped as %% and ':' needs to be escaped as %%3A. For example if the
+  SHARED_KEY is "foo:bar" this would be encoded as
+  ``https://ACCOUNTNAME:foo%%3Abar@CONTAINERNAME.blob.core.windows.net/``. This double-%% escaping is needed only when the string is read from ``dovecot.conf`` - it doesn't apply for example if the string comes from a userdb lookup.
+
 Debugging
 ---------