diff options
author | Guilhem Moulin <guilhem@fripost.org> | 2015-06-04 20:26:53 +0200 |
---|---|---|
committer | Guilhem Moulin <guilhem@fripost.org> | 2015-06-07 02:54:26 +0200 |
commit | 2c925ea17fcb6f71826e5c0f30f99c5daba10e14 (patch) | |
tree | 90f0cbed686e3f5704b4440ab6239046412d91d6 /roles/webmail/tasks/mail.yml | |
parent | f3d93ac759ee2ac08ecc7308d3019796e2285797 (diff) |
Make the webmail connect directly to the outgoing SMTP proxy.
(Hence delete the 'webmail' Postfix instance.) This shortens the delay
caused by the recipient verification probes.
Diffstat (limited to 'roles/webmail/tasks/mail.yml')
-rw-r--r-- | roles/webmail/tasks/mail.yml | 42 |
1 files changed, 33 insertions, 9 deletions
diff --git a/roles/webmail/tasks/mail.yml b/roles/webmail/tasks/mail.yml index e2dea38..7603a56 100644 --- a/roles/webmail/tasks/mail.yml +++ b/roles/webmail/tasks/mail.yml @@ -1,15 +1,39 @@ -- name: Install Postfix - apt: pkg=postfix +- name: Install stunnel + apt: pkg=stunnel4 -- name: Configure Postfix - template: src=etc/postfix/main.cf.j2 - dest=/etc/postfix-{{ postfix_instance[inst].name }}/main.cf +- name: Auto-enable stunnel + lineinfile: dest=/etc/default/stunnel4 + regexp='^(\s*#)?\s*ENABLED=' + line='ENABLED=1' + owner=root group=root + mode=0644 + +- name: Create /etc/stunnel/certs + file: path=/etc/stunnel/certs + state=directory + owner=root group=root + mode=0755 + +- name: Copy the SMTP outgoing proxy's X.509 certificate + assemble: src=certs/postfix regexp="{{ groups.out | difference([inventory_hostname]) | join('|') }}\.pem$" remote_src=no + dest=/etc/stunnel/certs/postfix.pem owner=root group=root mode=0644 + register: r1 notify: - - Reload Postfix + - Restart stunnel -- meta: flush_handlers +- name: Configure stunnel + template: src=etc/stunnel/postfix.conf.j2 + dest=/etc/stunnel/postfix.conf + owner=root group=root + mode=0644 + register: r2 + notify: + - Restart stunnel -- name: Start Postfix - service: name=postfix state=started +- name: Start stunnel + service: name=stunnel4 pattern=/usr/bin/stunnel4 state=started + when: not (r1.changed or r2.changed) + +- meta: flush_handlers |