diff options
| author | Guilhem Moulin <guilhem@fripost.org> | 2013-11-24 03:53:39 +0100 |
|---|---|---|
| committer | Guilhem Moulin <guilhem@fripost.org> | 2015-06-07 02:50:47 +0200 |
| commit | 6be613d07ddc6d0b1e4b73f93c0fa1c0b1f7ba10 (patch) | |
| tree | 798df25c6a7c0a9c1e8b01116f454f5d74c94a10 /roles/common/tasks | |
| parent | 099678c6b4fd176d3232984e634d6311f7c83494 (diff) | |
Postfix master (nullmailer) configuration
We use a dedicated instance for each role: MDA, MTA out, MX, etc.
Diffstat (limited to 'roles/common/tasks')
| -rw-r--r-- | roles/common/tasks/ipsec.yml | 5 | ||||
| -rw-r--r-- | roles/common/tasks/mail.yml | 62 | ||||
| -rw-r--r-- | roles/common/tasks/main.yml | 1 |
3 files changed, 64 insertions, 4 deletions
diff --git a/roles/common/tasks/ipsec.yml b/roles/common/tasks/ipsec.yml index 619c093..56c8300 100644 --- a/roles/common/tasks/ipsec.yml +++ b/roles/common/tasks/ipsec.yml @@ -52,11 +52,8 @@ notify: - Reload networking -# XXX: As of 1.3.1 ansible doesn't accept relative src. -# See https://github.com/ansible/ansible/issues/4459 - name: Auto-deactivate the dedicated interface for IPSec - file: #src=../if-up.d/ipsec - src=/etc/network/if-up.d/ipsec + file: src=../if-up.d/ipsec dest=/etc/network/if-down.d/ipsec owner=root group=root state=link diff --git a/roles/common/tasks/mail.yml b/roles/common/tasks/mail.yml new file mode 100644 index 0000000..9de0eaa --- /dev/null +++ b/roles/common/tasks/mail.yml @@ -0,0 +1,62 @@ +- name: Install Postfix + apt: pkg={{ item }} + with_items: + # That one is nicer than GNU mailutils' mailx(1) + - heirloom-mailx + - postfix + - postfix-cdb + - postfix-pcre + +- name: Create Postfix instances + postmulti: instance={{ postfix_instance[item].name }} + group={{ postfix_instance[item].group | default('') }} + register: r1 + with_items: postfix_instance.keys() | intersect(group_names) | list + notify: + - Restart Postfix + +- name: Define dynamic maps for children instances + # main.cf and master.cf are configured in dedicated roles, though + file: src=../postfix/dynamicmaps.cf + dest=/etc/postfix-{{ postfix_instance[item].name }}/dynamicmaps.cf + owner=root group=root state=link + register: r2 + with_items: postfix_instance.keys() | intersect(group_names) | list + notify: + - Restart Postfix + +- name: Configure Postfix (1) + copy: src=etc/postfix/{{ item }} + dest=/etc/postfix/{{ item }} + owner=root group=root + mode=0644 + register: r3 + with_items: + - master.cf + - generic.pcre + notify: + - Reload Postfix + +- name: Configure Postfix (2) + template: src=etc/postfix/main.cf.j2 + dest=/etc/postfix/main.cf + owner=root group=root + mode=0644 + register: r4 + notify: + - Restart Postfix + +- name: Update the static local Postfix database + postmap: cmd=postalias src=/etc/aliases db=cdb + owner=root group=root + mode=0644 + +# We're using CDB +- name: Delete /etc/aliases.db + file: path=/etc/aliases.db state=absent + +- name: Start Postfix + service: name=postfix state=started + when: not (r1.changed or r2.changed or r3.changed or r4.changed) + +- meta: flush_handlers diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml index 3ee4f49..355b2df 100644 --- a/roles/common/tasks/main.yml +++ b/roles/common/tasks/main.yml @@ -8,3 +8,4 @@ - include: fail2ban.yml tags=fail2ban - include: ipsec.yml tags=strongswan,ipsec - include: logging.yml tags=logging +- include: mail.yml tags=mail,postfix |