summaryrefslogtreecommitdiffstats
path: root/roles/common-LDAP/tasks
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem@fripost.org>2013-12-09 08:11:16 +0100
committerGuilhem Moulin <guilhem@fripost.org>2015-06-07 02:51:17 +0200
commit7c089f71667a1a14cc508772ca289d4d1d2edd27 (patch)
tree2858164a1015603ebb8f2478b920e84a7dd62dd6 /roles/common-LDAP/tasks
parent185cf14065554038820c696e7d35f47017b43783 (diff)
Configure the content filter.
Antispam & antivirus, using ClamAV and SpamAssassin through Amavisd-new. Each user has his/her amavis preferences, and own Bayes filter (to maximize privacy). One question remains, though: how to set spamassassin's trusted_networks / internal_networks / msa_networks? It seems not obivious to get it write with IPSec and dynamic IPs. (Cf. https://wiki.apache.org/spamassassin/AwlWrongWay)
Diffstat (limited to 'roles/common-LDAP/tasks')
-rw-r--r--roles/common-LDAP/tasks/main.yml21
1 files changed, 17 insertions, 4 deletions
diff --git a/roles/common-LDAP/tasks/main.yml b/roles/common-LDAP/tasks/main.yml
index 06eb692..5c993fc 100644
--- a/roles/common-LDAP/tasks/main.yml
+++ b/roles/common-LDAP/tasks/main.yml
@@ -53,19 +53,32 @@
owner=root group=root
mode=0600
-- name: Copy fripost schema
- copy: src=etc/ldap/schema/fripost.ldif
- dest=/etc/ldap/schema/fripost.ldif
+- name: Copy fripost & amavis' schema
+ copy: src=etc/ldap/schema/{{ item }}
+ dest=/etc/ldap/schema/{{ item }}
owner=root group=root
mode=0644
+ # It'd certainly be nicer if we didn't have to deploy amavis' schema
+ # everywhere, but we need the 'objectClass' in our replicates, hence
+ # they need to be aware of the 'amavisAccount' class.
+ with_items:
+ - fripost.ldif
+ - amavis.schema
+ tags:
+ - amavis
- name: Load fripost's schema and configure the database
openldap: target=/etc/ldap/{{ item }} state=present
with_items:
- schema/fripost.ldif
- # TODO load other required schemas *before* loading the database
- fripost/database.ldif
+- name: Load amavis' schema
+ openldap: target=/etc/ldap/schema/amavis.schema state=present
+ format=slapd.conf name=amavis
+ tags:
+ - ldap
+
- name: Start slapd
service: name=slapd state=started
when: not (r1.changed or r2.changed)