summaryrefslogtreecommitdiffstats
path: root/roles/MSA/tasks/main.yml
blob: 1c347202f1f14134ddaea8ad3f90bd7310dcc45d (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
- name: Install Postfix
  apt: pkg={{ item }}
  with_items:
    - postfix
    - postfix-pcre

- name: Configure Postfix
  template: src=etc/postfix/{{ item }}.j2
            dest=/etc/postfix-{{ postfix_instance[inst].name }}/{{ item }}
            owner=root group=root
            mode=0644
  with_items:
    - main.cf
    - master.cf
  notify:
    - Reload Postfix

- name: Copy the Regex to anonymize senders
  # no need to reload upon change, as cleanup(8) is short-running
  copy: src=etc/postfix/anonymize_sender.pcre
        dest=/etc/postfix-{{ postfix_instance[inst].name }}/anonymize_sender.pcre
        owner=root group=root
        mode=0644

- meta: flush_handlers

- name: Start Postfix
  service: name=postfix state=started

- name: Fetch Postfix's X.509 certificate
  # Ensure we don't fetch private data
  become: False
  # `/usr/sbin/postmulti -i msa -x /usr/sbin/postconf -xh smtpd_tls_cert_file`
  fetch_cmd: cmd="openssl x509 -noout -pubkey"
             stdin=/etc/postfix/ssl/smtp.fripost.org.pem
             dest=certs/public/smtp.fripost.org.pub
  tags:
    - genkey


- name: Install 'postfix_mailqueue_' Munin wildcard plugin
  file: src=/usr/local/share/munin/plugins/postfix_mailqueue_
        dest=/etc/munin/plugins/postfix_mailqueue_postfix-{{ postfix_instance[inst].name }}
        owner=root group=root
        state=link force=yes
  tags:
    - munin
    - munin-node
  notify:
    - Restart munin-node

- name: Install 'postfix_stats_' Munin wildcard plugin
  file: src=/usr/local/share/munin/plugins/postfix_stats_
        dest=/etc/munin/plugins/postfix_stats_{{ item }}_postfix-{{ postfix_instance[inst].name }}
        owner=root group=root
        state=link force=yes
  with_items:
    - smtpd
    - qmgr
    - smtp
  tags:
    - munin
    - munin-node
  notify:
    - Restart munin-node

- name: Install 'postfix_sasl_' Munin wildcard plugin
  file: src=/usr/local/share/munin/plugins/postfix_sasl_
        dest=/etc/munin/plugins/postfix_sasl_postfix-{{ postfix_instance[inst].name }}
        owner=root group=root
        state=link force=yes
  tags:
    - munin
    - munin-node
  notify:
    - Restart munin-node