#####################################
### someone's ansible provisioner ###
#####################################
# Part of: https://git.somenet.org/root/pub/somesible.git
# 2017-2025 by someone <someone@somenet.org>
#
---
# Install the MTA and its LDAP lookup-table package.
# policy_rc_d: 101 makes policy-rc.d refuse service starts during the install,
# presumably so postfix does not come up on the packaged default configuration
# before the tasks below have deployed the site configuration.
# NOTE(review): when ignore_online_errors evaluates to true, a failed install
# does not stop the play; the remaining tasks still run against whatever is
# (or is not) installed on the host.
- name: install postfix
  tags: "online"
  ignore_errors: "{{ignore_online_errors | bool}}"
  apt:
    state: present
    policy_rc_d: 101
    pkg:
      - postfix
      - postfix-ldap

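# Add the postfix account to the supplementary groups listed in `groups`.
# letsencrypt may not be needed.
# NOTE(review): the task name still lists letsencrypt and omits pyspf-milter,
# while `groups` does the opposite; `groups` is what gets applied.
# append: true only ever adds memberships. A group dropped from this list
# (for example letsencrypt, if an earlier run granted it) is NOT revoked on
# hosts that already have it, so access has to be removed explicitly.
# The user module fails when a listed group does not exist; the groups are
# presumably created by packages or roles applied earlier - confirm.
- name: add postfix user to groups mail,sasl,ssl-cert,letsencrypt,opendkim,opendmarc
  user:
    name: "postfix"
    groups: "mail,sasl,ssl-cert,opendkim,opendmarc,pyspf-milter"
    append: true
    createhome: false
    state: present
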
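# Lock down the configuration directory: 0751 root:postfix gives root full
# access, lets the postfix group list and enter the directory, and lets every
# other local user traverse it only (files can be opened by known name, the
# directory cannot be listed).
# The mode is quoted so Ansible receives the octal string itself instead of an
# integer whose value depends on the YAML parser's octal handling.
- name: set /etc/postfix permissions
  file:
    path: "/etc/postfix"
    state: directory
    owner: "root"
    group: "postfix"
    mode: "0751"
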
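# Deploy the main Postfix configuration. Candidates are tried in order
# (host-specific, group-specific, group "all", then the role's bundled
# default/main.cf) and the first existing file is copied.
# NOTE(review): the first three candidates are anchored at the controller's
# $PWD, so which file is deployed depends on the directory the play is started
# from. Started elsewhere, nothing matches and the role default is deployed
# without any warning.
# 0644 leaves main.cf readable by every local user, so it should not carry
# secrets; the mode is quoted to keep it an octal string.
# A change triggers the 'restart postfix.service' handler (defined outside
# this file).
- name: copy main.cf
  copy:
    src: "{{item}}"
    dest: "/etc/postfix/main.cf"
    owner: "root"
    group: "postfix"
    mode: "0644"
  with_first_found:
    - "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/main.cf"
    - "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/main.cf"
    - "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/main.cf"
    - "default/main.cf"
  notify: restart postfix.service
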
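# Deploy master.cf (the Postfix service table). The first existing candidate
# wins: $PWD-anchored host/group/all overrides first, role default last.
# 0640 root:postfix keeps the file unreadable for other local users; the mode
# is quoted to keep it an octal string.
# A change triggers the 'restart postfix.service' handler (defined outside
# this file).
- name: copy master.cf
  copy:
    src: "{{item}}"
    dest: "/etc/postfix/master.cf"
    owner: "root"
    group: "postfix"
    mode: "0640"
  with_first_found:
    - "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/master.cf"
    - "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/master.cf"
    - "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/master.cf"
    - "default/master.cf"
  notify: restart postfix.service
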
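# Deploy the SASL configuration for smtpd. The source file is named
# sasl.smtpd.conf and lands as /etc/postfix/sasl/smtpd.conf; the first
# existing candidate wins ($PWD-anchored overrides first, role default last).
# 0640 root:postfix keeps it away from other local users.
# NOTE(review): if this file carries backend credentials, a --diff run prints
# its content on the controller; consider `diff: false` or `no_log: true`
# on this task. Confirm against the deployed file.
- name: copy saslauthd smtpd.conf
  copy:
    src: "{{item}}"
    dest: "/etc/postfix/sasl/smtpd.conf"
    owner: "root"
    group: "postfix"
    mode: "0640"
  with_first_found:
    - "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/sasl.smtpd.conf"
    - "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/sasl.smtpd.conf"
    - "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/sasl.smtpd.conf"
    - "default/sasl.smtpd.conf"
  notify: restart postfix.service
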
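# Deploy the regexp table header_checks_in.regexp (presumably the header
# checks applied to inbound mail - confirm in main.cf/master.cf).
# First existing candidate wins: $PWD-anchored host/group/all overrides,
# then the role default. 0640 root:postfix, mode quoted as an octal string.
# A change triggers the 'reload postfix.service' handler (defined outside
# this file).
- name: copy header_checks_in.regexp
  copy:
    src: "{{item}}"
    dest: "/etc/postfix/header_checks_in.regexp"
    owner: "root"
    group: "postfix"
    mode: "0640"
  with_first_found:
    - "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/header_checks_in.regexp"
    - "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/header_checks_in.regexp"
    - "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/header_checks_in.regexp"
    - "default/header_checks_in.regexp"
  notify: reload postfix.service
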
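# Deploy the regexp table header_checks_out.regexp (presumably the header
# checks applied to outbound mail - confirm in main.cf/master.cf).
# First existing candidate wins: $PWD-anchored host/group/all overrides,
# then the role default. 0640 root:postfix, mode quoted as an octal string.
# A change triggers the 'reload postfix.service' handler (defined outside
# this file).
- name: copy header_checks_out.regexp
  copy:
    src: "{{item}}"
    dest: "/etc/postfix/header_checks_out.regexp"
    owner: "root"
    group: "postfix"
    mode: "0640"
  with_first_found:
    - "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/header_checks_out.regexp"
    - "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/header_checks_out.regexp"
    - "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/header_checks_out.regexp"
    - "default/header_checks_out.regexp"
  notify: reload postfix.service
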
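# Deploy the regexp table rcpt_recipient.regexp (presumably a recipient
# access table used by an smtpd restriction - confirm in main.cf).
# First existing candidate wins: $PWD-anchored host/group/all overrides,
# then the role default. 0640 root:postfix, mode quoted as an octal string.
# A change triggers the 'reload postfix.service' handler (defined outside
# this file).
- name: copy rcpt_recipient.regexp
  copy:
    src: "{{item}}"
    dest: "/etc/postfix/rcpt_recipient.regexp"
    owner: "root"
    group: "postfix"
    mode: "0640"
  with_first_found:
    - "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/rcpt_recipient.regexp"
    - "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/rcpt_recipient.regexp"
    - "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/rcpt_recipient.regexp"
    - "default/rcpt_recipient.regexp"
  notify: reload postfix.service
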
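# Deploy the regexp table rcpt_sender.regexp (presumably a sender access
# table used by an smtpd restriction - confirm in main.cf).
# First existing candidate wins: $PWD-anchored host/group/all overrides,
# then the role default. 0640 root:postfix, mode quoted as an octal string.
# A change triggers the 'reload postfix.service' handler (defined outside
# this file).
- name: copy rcpt_sender.regexp
  copy:
    src: "{{item}}"
    dest: "/etc/postfix/rcpt_sender.regexp"
    owner: "root"
    group: "postfix"
    mode: "0640"
  with_first_found:
    - "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/rcpt_sender.regexp"
    - "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/rcpt_sender.regexp"
    - "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/rcpt_sender.regexp"
    - "default/rcpt_sender.regexp"
  notify: reload postfix.service
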
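# Deploy the regexp table rel_recipient.regexp (presumably a recipient table
# consulted for relay decisions - confirm in main.cf). A mistake in a
# relay-related table can widen who may relay through this host, so changes
# to the source file deserve review.
# First existing candidate wins: $PWD-anchored host/group/all overrides,
# then the role default. 0640 root:postfix, mode quoted as an octal string.
- name: copy rel_recipient.regexp
  copy:
    src: "{{item}}"
    dest: "/etc/postfix/rel_recipient.regexp"
    owner: "root"
    group: "postfix"
    mode: "0640"
  with_first_found:
    - "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/rel_recipient.regexp"
    - "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/rel_recipient.regexp"
    - "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/rel_recipient.regexp"
    - "default/rel_recipient.regexp"
  notify: reload postfix.service
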
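# Deploy the regexp table rel_sender.regexp (presumably a sender table
# consulted for relay decisions - confirm in main.cf). A mistake in a
# relay-related table can widen who may relay through this host, so changes
# to the source file deserve review.
# First existing candidate wins: $PWD-anchored host/group/all overrides,
# then the role default. 0640 root:postfix, mode quoted as an octal string.
- name: copy rel_sender.regexp
  copy:
    src: "{{item}}"
    dest: "/etc/postfix/rel_sender.regexp"
    owner: "root"
    group: "postfix"
    mode: "0640"
  with_first_found:
    - "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/rel_sender.regexp"
    - "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/rel_sender.regexp"
    - "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/rel_sender.regexp"
    - "default/rel_sender.regexp"
  notify: reload postfix.service
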
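# Deploy transport.map (presumably the Postfix transport table that decides
# where mail for a domain is routed - confirm in main.cf).
# First existing candidate wins: $PWD-anchored host/group/all overrides,
# then the role default. 0640 root:postfix, mode quoted as an octal string.
# A change triggers the 'rehash postfix maps' handler, defined outside this
# file; it presumably rebuilds the indexed map with postmap. Whether postfix
# is also reloaded afterwards is not visible here - confirm in the handlers.
- name: copy transport.map
  copy:
    src: "{{item}}"
    dest: "/etc/postfix/transport.map"
    owner: "root"
    group: "postfix"
    mode: "0640"
  with_first_found:
    - "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/transport.map"
    - "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/transport.map"
    - "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/transport.map"
    - "default/transport.map"
  notify: rehash postfix maps
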
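# Deploy virtual.map (presumably the virtual alias table that rewrites
# recipient addresses - confirm in main.cf). Entries here control where mail
# is redirected, so changes to the source file deserve review.
# First existing candidate wins: $PWD-anchored host/group/all overrides,
# then the role default. 0640 root:postfix, mode quoted as an octal string.
# A change triggers the 'rehash postfix maps' handler, defined outside this
# file; it presumably rebuilds the indexed map with postmap - confirm.
- name: copy virtual.map
  copy:
    src: "{{item}}"
    dest: "/etc/postfix/virtual.map"
    owner: "root"
    group: "postfix"
    mode: "0640"
  with_first_found:
    - "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/virtual.map"
    - "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/virtual.map"
    - "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/virtual.map"
    - "default/virtual.map"
  notify: rehash postfix maps
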
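# Deploy virtual.ldap (presumably the LDAP lookup-table definition used for
# virtual addresses - confirm in main.cf).
# First existing candidate wins: $PWD-anchored host/group/all overrides,
# then the role default. 0640 root:postfix keeps the file unreadable for
# other local users; the mode is quoted to keep it an octal string.
# NOTE(review): LDAP table definitions commonly contain a bind DN and
# password. If this one does, a --diff run prints it on the controller;
# consider `diff: false` or `no_log: true` on this task, and keep the source
# file out of world-readable checkouts. Confirm against the deployed file.
- name: copy virtual.ldap
  copy:
    src: "{{item}}"
    dest: "/etc/postfix/virtual.ldap"
    owner: "root"
    group: "postfix"
    mode: "0640"
  with_first_found:
    - "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/virtual.ldap"
    - "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/virtual.ldap"
    - "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/virtual.ldap"
    - "default/virtual.ldap"
  notify: reload postfix.service
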
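# Install a site-specific unit file. Units under /etc/systemd/system take
# precedence over the unit shipped by the package.
# First existing candidate wins: $PWD-anchored host/group/all overrides,
# then the role default. 0644 root:root, mode quoted as an octal string.
# NOTE(review): this task notifies nothing. systemd only picks up a changed
# unit after a daemon-reload, and a running postfix keeps the old settings
# (including any sandboxing directives) until it is restarted. Confirm that
# the enable-and-start role included at the end of this file takes care of it.
- name: copy postfix.service to /etc/systemd/system/
  copy:
    src: "{{item}}"
    dest: "/etc/systemd/system/postfix.service"
    owner: "root"
    group: "root"
    mode: "0644"
  with_first_found:
    - "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/postfix.service"
    - "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/postfix.service"
    - "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/postfix.service"
    - "default/postfix.service"
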
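# Drop the postfix jail definition into fail2ban's jail.d directory. The
# source file is named fail2ban.jail.d.postfix.conf and lands as
# /etc/fail2ban/jail.d/postfix.conf.
# First existing candidate wins: $PWD-anchored host/group/all overrides,
# then the role default. 0644 root:root, mode quoted as an octal string.
# NOTE(review): nothing in this file installs fail2ban or creates
# /etc/fail2ban/jail.d, and copy does not create missing parent directories.
# The 'reload fail2ban.service' handler is also defined elsewhere. Presumably
# another role provides both - confirm, otherwise the jail is never active.
- name: copy fail2ban.jail.d.postfix.conf to /etc/fail2ban/jail.d/
  copy:
    src: "{{item}}"
    dest: "/etc/fail2ban/jail.d/postfix.conf"
    owner: "root"
    group: "root"
    mode: "0644"
  with_first_found:
    - "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/fail2ban.jail.d.postfix.conf"
    - "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/fail2ban.jail.d.postfix.conf"
    - "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/fail2ban.jail.d.postfix.conf"
    - "default/fail2ban.jail.d.postfix.conf"
  notify: reload fail2ban.service
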
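# Hand over to the shared systemd helper role with service_name set to
# postfix.service. The role body is not part of this file; going by its name
# it enables and starts the unit - confirm there.
# The role name is given as a native YAML mapping rather than a key=value
# string.
- name: enable and start postfix.service
  include_role:
    name: "base/systemd/enable-and-start"
  vars:
    service_name: postfix.service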