From 6be613d07ddc6d0b1e4b73f93c0fa1c0b1f7ba10 Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Sun, 24 Nov 2013 03:53:39 +0100 Subject: Postfix master (nullmailer) configuration We use a dedicated instance for each role: MDA, MTA out, MX, etc. --- roles/common/tasks/ipsec.yml | 5 +--- roles/common/tasks/mail.yml | 62 ++++++++++++++++++++++++++++++++++++++++++++ roles/common/tasks/main.yml | 1 + 3 files changed, 64 insertions(+), 4 deletions(-) create mode 100644 roles/common/tasks/mail.yml (limited to 'roles/common/tasks') diff --git a/roles/common/tasks/ipsec.yml b/roles/common/tasks/ipsec.yml index 619c093..56c8300 100644 --- a/roles/common/tasks/ipsec.yml +++ b/roles/common/tasks/ipsec.yml @@ -52,11 +52,8 @@ notify: - Reload networking -# XXX: As of 1.3.1 ansible doesn't accept relative src. -# See https://github.com/ansible/ansible/issues/4459 - name: Auto-deactivate the dedicated interface for IPSec - file: #src=../if-up.d/ipsec - src=/etc/network/if-up.d/ipsec + file: src=../if-up.d/ipsec dest=/etc/network/if-down.d/ipsec owner=root group=root state=link diff --git a/roles/common/tasks/mail.yml b/roles/common/tasks/mail.yml new file mode 100644 index 0000000..9de0eaa --- /dev/null +++ b/roles/common/tasks/mail.yml 
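Review bot: In the ipsec.yml hunk, the `file:` task for /etc/network/if-down.d/ipsec now relies on a relative `src=` with `state=link`, and the removed comment was the only record that Ansible 1.3.1 rejects that form (issue 4459). If a controller still runs an affected release, the task presumably fails and the if-down.d hook that deactivates the dedicated IPsec interface is never linked. I would keep a one-line comment above the task, e.g. `# Relative src needs an Ansible release that includes the fix for ansible/ansible#4459 (broken in 1.3.1)`. The task may continue past the end of the hunk.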
@@ -0,0 +1,62 @@
+- name: Install Postfix
+ apt: pkg={{ item }}
+ with_items:
+ # That one is nicer than GNU mailutils' mailx(1)
+ - heirloom-mailx
+ - postfix
+ - postfix-cdb
+ - postfix-pcre
+
+- name: Create Postfix instances
+ postmulti: instance={{ postfix_instance[item].name }}
+ group={{ postfix_instance[item].group | default('') }}
+ register: r1
+ with_items: postfix_instance.keys() | intersect(group_names) | list
+ notify:
+ - Restart Postfix
+
+- name: Define dynamic maps for children instances
+ # main.cf and master.cf are configured in dedicated roles, though
+ file: src=../postfix/dynamicmaps.cf
+ dest=/etc/postfix-{{ postfix_instance[item].name }}/dynamicmaps.cf
+ owner=root group=root state=link
+ register: r2
+ with_items: postfix_instance.keys() | intersect(group_names) | list
+ notify:
+ - Restart Postfix
+
+- name: Configure Postfix (1)
+ copy: src=etc/postfix/{{ item }}
+ dest=/etc/postfix/{{ item }}
+ owner=root group=root
+ mode=0644
+ register: r3
+ with_items:
+ - master.cf
+ - generic.pcre
+ notify:
+ - Reload Postfix
+
+- name: Configure Postfix (2)
+ template: src=etc/postfix/main.cf.j2
+ dest=/etc/postfix/main.cf
+ owner=root group=root
+ mode=0644
+ register: r4
+ notify:
+ - Restart Postfix
+
+- name: Update the static local Postfix database
+ postmap: cmd=postalias src=/etc/aliases db=cdb
+ owner=root group=root
+ mode=0644
+
+# We're using CDB
+- name: Delete /etc/aliases.db
+ file: path=/etc/aliases.db state=absent
+
+- name: Start Postfix
+ service: name=postfix state=started
+ when: not (r1.changed or r2.changed or r3.changed or r4.changed)
+
+- meta: flush_handlers
diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
index 3ee4f49..355b2df 100644
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@@ -8,3 +8,4 @@
 - include: fail2ban.yml tags=fail2ban
 - include: ipsec.yml tags=strongswan,ipsec
 - include: logging.yml tags=logging
+- include: mail.yml tags=mail,postfix
-- cgit v1.2.3
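Review bot: In the mail.yml hunk, the `when:` guard on the final "Start Postfix" task also skips the start when only r3 (the master.cf / generic.pcre copy) changed, yet that task notifies "Reload Postfix" rather than "Restart Postfix". The handlers are defined outside this diff, so this is inferred: if the reload handler is a plain reload, a Postfix that was stopped stays down after such a run, and locally generated mail such as cron or fail2ban notifications is not delivered. Dropping r3 from the guard keeps the intent of not starting the daemon right before a restart: `when: not (r1.changed or r2.changed or r4.changed)`.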