From 2c925ea17fcb6f71826e5c0f30f99c5daba10e14 Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Thu, 4 Jun 2015 20:26:53 +0200 Subject: Make the webmail connect directly to the outgoing SMTP proxy. (Hence delete the 'webmail' Postfix instance.) This shortens the delay caused by the recipient verification probes. --- roles/webmail/tasks/mail.yml | 42 +++++++++++++++++++++++++++++++++--------- 1 file changed, 33 insertions(+), 9 deletions(-) (limited to 'roles/webmail/tasks/mail.yml') diff --git a/roles/webmail/tasks/mail.yml b/roles/webmail/tasks/mail.yml index e2dea38..7603a56 100644 --- a/roles/webmail/tasks/mail.yml +++ b/roles/webmail/tasks/mail.yml @@ -1,15 +1,39 @@ -- name: Install Postfix - apt: pkg=postfix +- name: Install stunnel + apt: pkg=stunnel4 -- name: Configure Postfix - template: src=etc/postfix/main.cf.j2 - dest=/etc/postfix-{{ postfix_instance[inst].name }}/main.cf +- name: Auto-enable stunnel + lineinfile: dest=/etc/default/stunnel4 + regexp='^(\s*#)?\s*ENABLED=' + line='ENABLED=1' + owner=root group=root + mode=0644 + +- name: Create /etc/stunnel/certs + file: path=/etc/stunnel/certs + state=directory + owner=root group=root + mode=0755 + +- name: Copy the SMTP outgoing proxy's X.509 certificate + assemble: src=certs/postfix regexp="{{ groups.out | difference([inventory_hostname]) | join('|') }}\.pem$" remote_src=no + dest=/etc/stunnel/certs/postfix.pem owner=root group=root mode=0644 + register: r1 notify: - - Reload Postfix + - Restart stunnel -- meta: flush_handlers +- name: Configure stunnel + template: src=etc/stunnel/postfix.conf.j2 + dest=/etc/stunnel/postfix.conf + owner=root group=root + mode=0644 + register: r2 + notify: + - Restart stunnel -- name: Start Postfix - service: name=postfix state=started +- name: Start stunnel + service: name=stunnel4 pattern=/usr/bin/stunnel4 state=started + when: not (r1.changed or r2.changed) + +- meta: flush_handlers -- cgit v1.2.3