aboutsummaryrefslogtreecommitdiff
path: root/ansible/roles
diff options
context:
space:
mode:
authorTrygve Laugstøl <trygvis@inamo.no>2018-11-01 11:04:21 +0100
committerTrygve Laugstøl <trygvis@inamo.no>2018-11-01 11:04:21 +0100
commit85b3d2a16b5cfbb499a4ebcb88967dcdc334cf21 (patch)
tree19eabeb91afe3da8f119146ed4537128a37916a2 /ansible/roles
parentdd49efbcad47f7d9e801bb12758183220dae9c86 (diff)
downloadinfra-85b3d2a16b5cfbb499a4ebcb88967dcdc334cf21.tar.gz
infra-85b3d2a16b5cfbb499a4ebcb88967dcdc334cf21.tar.bz2
infra-85b3d2a16b5cfbb499a4ebcb88967dcdc334cf21.tar.xz
infra-85b3d2a16b5cfbb499a4ebcb88967dcdc334cf21.zip
o Adding postfix role, enabling for knot.
Diffstat (limited to 'ansible/roles')
-rw-r--r--ansible/roles/postfix/defaults/main.yml1
-rw-r--r--ansible/roles/postfix/handlers/main.yml11
-rw-r--r--ansible/roles/postfix/tasks/main.yml47
3 files changed, 59 insertions, 0 deletions
diff --git a/ansible/roles/postfix/defaults/main.yml b/ansible/roles/postfix/defaults/main.yml
new file mode 100644
index 0000000..72e4e25
--- /dev/null
+++ b/ansible/roles/postfix/defaults/main.yml
@@ -0,0 +1 @@
+postfix__is_satellite: yes
diff --git a/ansible/roles/postfix/handlers/main.yml b/ansible/roles/postfix/handlers/main.yml
new file mode 100644
index 0000000..95324ef
--- /dev/null
+++ b/ansible/roles/postfix/handlers/main.yml
@@ -0,0 +1,11 @@
+- name: reload postfix
+ service: name=postfix state=reloaded
+ become: yes
+
+- name: postmap /etc/postfix/sasl_passwd
+ become: yes
+ shell: postmap /etc/postfix/sasl_passwd
+
+- name: postalias /etc/aliases
+ become: yes
+ shell: postalias /etc/aliases
diff --git a/ansible/roles/postfix/tasks/main.yml b/ansible/roles/postfix/tasks/main.yml
new file mode 100644
index 0000000..31ff3a2
--- /dev/null
+++ b/ansible/roles/postfix/tasks/main.yml
@@ -0,0 +1,47 @@
+- tags: postfix-config
+ become: yes
+ block:
+ - name: "Configure postfix: main.cf"
+ notify: reload postfix
+ with_items:
+ - key: "smtp_sasl_auth_enable"
+ value: "yes"
+ - key: "smtp_sasl_password_maps"
+ value: "hash:/etc/postfix/sasl_passwd"
+ - key: "smtp_sasl_security_options"
+ value: "noanonymous"
+ - key: "smtp_tls_security_level"
+ value: "{{ 'encrypt' if postfix__is_satellite else 'may' }}"
+ lineinfile:
+ dest: /etc/postfix/main.cf
+ line: "{{ item.key }} = {{ item.value }}"
+ regexp: "^{{ item.key }} ="
+ - name: "Configure postfix: main.cf (relayhost)"
+ when: postfix__relayhost is defined
+ notify: reload postfix
+ with_items:
+ - key: "relayhost"
+ value: "{{ postfix__relayhost }}"
+ lineinfile:
+ dest: /etc/postfix/main.cf
+ line: "{{ item.key }} = {{ item.value }}"
+ regexp: "^{{ item.key }} ="
+
+- tags: postfix-config
+ when: postfix__sasl_password is defined
+ become: yes
+ block:
+ - name: Create /etc/postfix/sasl_passwd
+ copy:
+ dest: /etc/postfix/sasl_passwd
+ content: ""
+ force: no
+ mode: 0600
+
+ - name: "Configure postfix: sasl_passwd"
+ notify: postmap /etc/postfix/sasl_passwd
+ with_items: "{{ postfix__sasl_password }}"
+ lineinfile:
+ dest: /etc/postfix/sasl_passwd
+ line: "{{ item.host }} {{ item.username }}:{{ item.password }}"
+ regexp: "^{{ item.host|regex_escape() }}"