1 files changed, 29 insertions, 12 deletions

diff --git a/roles/out/tasks/main.yml b/roles/out/tasks/main.yml
index 10429b1..7a297f1 100644
--- a/roles/out/tasks/main.yml
+++ b/roles/out/tasks/main.yml
@@ -1,45 +1,62 @@
 - name: Install Postfix
-  apt: pkg=postfix
+  apt: pkg={{ packages }}
+  vars:
+    packages:
+    - postfix
+    - postfix-lmdb
 
 - name: Configure Postfix
-  template: src=etc/postfix/main.cf.j2
-            dest=/etc/postfix-{{ postfix_instance[inst].name }}/main.cf
+  template: src=etc/postfix/{{ item }}.j2
+            dest=/etc/postfix-{{ postfix_instance[inst].name }}/{{ item }}
             owner=root group=root
             mode=0644
+  with_items:
+    - main.cf
+    - master.cf
   notify:
     - Reload Postfix
 
-- name: Copy the Postfix relay clientcerts map
-  template: src=etc/postfix/relay_clientcerts.j2
-            dest=/etc/postfix-{{ postfix_instance[inst].name }}/relay_clientcerts
+- name: Copy the canonical maps
+  template: src=etc/postfix/canonical.j2
+            dest=/etc/postfix-{{ postfix_instance[inst].name }}/canonical
             owner=root group=root
             mode=0644
-  tags:
-    - tls_policy
 
-- name: Compile the Postfix relay clientcerts map
-  postmap: cmd=postmap src=/etc/postfix-{{ postfix_instance[inst].name }}/relay_clientcerts db=cdb
+- name: Compile the canonical maps
+  # no need to reload upon change, as cleanup(8) is short-running
+  postmap: cmd=postmap src=/etc/postfix-{{ postfix_instance[inst].name }}/canonical db=lmdb
            owner=root group=root
            mode=0644
-  tags:
-    - tls_policy
+
+- name: Copy the SMTP TLS policy maps
+  template: src=etc/postfix/smtp_tls_policy.j2
+            dest=/etc/postfix-{{ postfix_instance[inst].name }}/smtp_tls_policy
+            owner=root group=root
+            mode=0644
+
+- name: Compile the SMTP TLS policy maps
+  postmap: cmd=postmap src=/etc/postfix-{{ postfix_instance[inst].name }}/smtp_tls_policy db=lmdb
+           owner=root group=root
+           mode=0644
+  notify:
+    - Reload Postfix
 
 - meta: flush_handlers
 
 - name: Start Postfix
   service: name=postfix state=started
 
 
 - name: Install 'postfix_mailqueue_' Munin wildcard plugin
   file: src=/usr/local/share/munin/plugins/postfix_mailqueue_
         dest=/etc/munin/plugins/postfix_mailqueue_postfix-{{ postfix_instance[inst].name }}
         owner=root group=root
         state=link force=yes
   tags:
     - munin
     - munin-node
   notify:
     - Restart munin-node
 
 - name: Install 'postfix_stats_' Munin wildcard plugin
   file: src=/usr/local/share/munin/plugins/postfix_stats_