Configure the content filter.

Antispam & antivirus, using ClamAV and SpamAssassin through Amavisd-new.
Each user has his/her amavis preferences, and own Bayes filter (to
maximize privacy).

One question remains, though: how to set spamassassin's trusted_networks
/ internal_networks / msa_networks? It seems not obivious to get it
write with IPSec and dynamic IPs.
(Cf. https://wiki.apache.org/spamassassin/AwlWrongWay)

1 files changed, 17 insertions, 4 deletions

diff --git a/roles/common-LDAP/tasks/main.yml b/roles/common-LDAP/tasks/main.yml
index 06eb692..5c993fc 100644
--- a/roles/common-LDAP/tasks/main.yml
+++ b/roles/common-LDAP/tasks/main.yml
@@ -53,19 +53,32 @@
             owner=root group=root
             mode=0600
 
-- name: Copy fripost schema
-  copy: src=etc/ldap/schema/fripost.ldif
-        dest=/etc/ldap/schema/fripost.ldif
+- name: Copy fripost & amavis' schema
+  copy: src=etc/ldap/schema/{{ item }}
+        dest=/etc/ldap/schema/{{ item }}
         owner=root group=root
         mode=0644
+  # It'd certainly be nicer if we didn't have to deploy amavis' schema
+  # everywhere, but we need the 'objectClass' in our replicates, hence
+  # they need to be aware of the 'amavisAccount' class.
+  with_items:
+    - fripost.ldif
+    - amavis.schema
+  tags:
+    - amavis
 
 - name: Load fripost's schema and configure the database
   openldap: target=/etc/ldap/{{ item }} state=present
   with_items:
     - schema/fripost.ldif
-    # TODO load other required schemas *before* loading the database
     - fripost/database.ldif
 
+- name: Load amavis' schema
+  openldap: target=/etc/ldap/schema/amavis.schema state=present
+            format=slapd.conf name=amavis
+  tags:
+    - ldap
+
 - name: Start slapd
   service: name=slapd state=started
   when: not (r1.changed or r2.changed)