#####################################
### someone's ansible provisioner ###
#####################################
# Part of: https://git.somenet.org/root/pub/somesible.git
# 2017-2025 by someone <someone@somenet.org>
#
---
- name: install postfix
apt:
pkg:
- postfix
state: present
policy_rc_d: 101
tags: "online"
ignore_errors: "{{ignore_online_errors | bool}}"
- name: add postfix user to groups mail,sasl,ssl-cert,letsencrypt,opendkim,opendmarc
user:
name: "postfix"
groups: "mail,sasl,ssl-cert,letsencrypt,opendkim,opendmarc,pyspf-milter"
append: yes
createhome: no
state: present
- name: copy main.cf
copy:
src: "{{item}}"
dest: "/etc/postfix/main.cf"
mode: 0644
owner: "root"
group: "root"
with_first_found:
- "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/main.cf"
- "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/main.cf"
- "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/main.cf"
- "default/main.cf"
notify: restart postfix.service
- name: copy master.cf
copy:
src: "{{item}}"
dest: "/etc/postfix/master.cf"
mode: 0644
owner: "root"
group: "root"
with_first_found:
- "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/master.cf"
- "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/master.cf"
- "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/master.cf"
- "default/master.cf"
notify: restart postfix.service
- name: copy saslauthd smtpd.conf
copy:
src: "{{item}}"
dest: "/etc/postfix/sasl/smtpd.conf"
mode: 0644
owner: "root"
group: "root"
with_first_found:
- "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/sasl.smtpd.conf"
- "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/sasl.smtpd.conf"
- "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/sasl.smtpd.conf"
- "default/sasl.smtpd.conf"
notify: restart postfix.service
- name: copy header_checks_in.regexp
copy:
src: "{{item}}"
dest: "/etc/postfix/header_checks_in.regexp"
mode: 0644
owner: "root"
group: "root"
with_first_found:
- "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/header_checks_in.regexp"
- "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/header_checks_in.regexp"
- "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/header_checks_in.regexp"
- "default/header_checks_in.regexp"
notify: reload postfix.service
- name: copy header_checks_out.regexp
copy:
src: "{{item}}"
dest: "/etc/postfix/header_checks_out.regexp"
mode: 0644
owner: "root"
group: "root"
with_first_found:
- "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/header_checks_out.regexp"
- "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/header_checks_out.regexp"
- "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/header_checks_out.regexp"
- "default/header_checks_out.regexp"
notify: reload postfix.service
- name: copy rcpt_recipient.regexp
copy:
src: "{{item}}"
dest: "/etc/postfix/rcpt_recipient.regexp"
mode: 0644
owner: "root"
group: "root"
with_first_found:
- "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/rcpt_recipient.regexp"
- "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/rcpt_recipient.regexp"
- "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/rcpt_recipient.regexp"
- "default/rcpt_recipient.regexp"
notify: reload postfix.service
- name: copy rcpt_sender.regexp
copy:
src: "{{item}}"
dest: "/etc/postfix/rcpt_sender.regexp"
mode: 0644
owner: "root"
group: "root"
with_first_found:
- "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/rcpt_sender.regexp"
- "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/rcpt_sender.regexp"
- "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/rcpt_sender.regexp"
- "default/rcpt_sender.regexp"
notify: reload postfix.service
- name: copy rel_recipient.regexp
copy:
src: "{{item}}"
dest: "/etc/postfix/rel_recipient.regexp"
mode: 0644
owner: "root"
group: "root"
with_first_found:
- "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/rel_recipient.regexp"
- "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/rel_recipient.regexp"
- "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/rel_recipient.regexp"
- "default/rel_recipient.regexp"
notify: reload postfix.service
- name: copy rel_sender.regexp
copy:
src: "{{item}}"
dest: "/etc/postfix/rel_sender.regexp"
mode: 0644
owner: "root"
group: "root"
with_first_found:
- "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/rel_sender.regexp"
- "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/rel_sender.regexp"
- "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/rel_sender.regexp"
- "default/rel_sender.regexp"
notify: reload postfix.service
- name: copy transport.map
copy:
src: "{{item}}"
dest: "/etc/postfix/transport.map"
mode: 0644
owner: "root"
group: "root"
with_first_found:
- "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/transport.map"
- "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/transport.map"
- "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/transport.map"
- "default/transport.map"
notify: rehash postfix maps
- name: copy virtual.map
copy:
src: "{{item}}"
dest: "/etc/postfix/virtual.map"
mode: 0644
owner: "root"
group: "root"
with_first_found:
- "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/virtual.map"
- "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/virtual.map"
- "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/virtual.map"
- "default/virtual.map"
notify: rehash postfix maps
- name: copy postfix@.service to /etc/systemd/system/
copy:
src: "{{item}}"
dest: "/etc/systemd/system/postfix@.service"
mode: 0644
owner: "root"
group: "root"
with_first_found:
- "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/postfix@.service"
- "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/postfix@.service"
- "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/postfix@.service"
- "default/postfix@.service"
- name: enable and start postfix.service
include_role: name="base/systemd/enable-and-start"
vars:
service_name: postfix.service