diff options
Diffstat (limited to 'ansible/roles/postfix-satellite/tasks')
-rw-r--r-- | ansible/roles/postfix-satellite/tasks/main.yml | 4 | ||||
-rw-r--r-- | ansible/roles/postfix-satellite/tasks/postfix-satellite.yml | 70 |
2 files changed, 74 insertions, 0 deletions
diff --git a/ansible/roles/postfix-satellite/tasks/main.yml b/ansible/roles/postfix-satellite/tasks/main.yml new file mode 100644 index 0000000..3aeb3cc --- /dev/null +++ b/ansible/roles/postfix-satellite/tasks/main.yml @@ -0,0 +1,4 @@ +--- +- tags: postfix-satellite + become: true + include: postfix-satellite.yml diff --git a/ansible/roles/postfix-satellite/tasks/postfix-satellite.yml b/ansible/roles/postfix-satellite/tasks/postfix-satellite.yml new file mode 100644 index 0000000..46f2fea --- /dev/null +++ b/ansible/roles/postfix-satellite/tasks/postfix-satellite.yml @@ -0,0 +1,70 @@ +- name: Update apt cache + apt: + update_cache: yes + cache_valid_time: 3600 +- name: Install package + package: + name: "{{ item }}" + state: present + with_items: + - postfix + - libsasl2-modules + - swaks + +- name: "Configure postfix: main.cf" + tags: postfix-satellite-config + notify: reload postfix + lineinfile: + dest: /etc/postfix/main.cf + line: "{{ item.key }} = {{ item.value }}" + regexp: "^{{ item.key }} =" + with_items: + - key: "mydomain" + value: "bitraf.no" + - key: "myorigin" + value: "bitraf.no" + - key: "mydestination" + value: "" + - key: "smtp_sasl_auth_enable" + value: "yes" + - key: "smtp_sasl_password_maps" + value: "hash:/etc/postfix/sasl_passwd" + - key: "smtp_sasl_security_options" + value: "noanonymous" + - key: "smtp_sasl_tls_security_options" + value: "noanonymous" + - key: "smtp_tls_security_level" + value: "encrypt" + - key: "header_size_limit" + value: "4096000" + - key: "relayhost" + value: "{{ postfix__relayhost }}" + +- name: Create /etc/postfix/sasl_passwd + tags: postfix-satellite-config + copy: + dest: /etc/postfix/sasl_passwd + content: "" + force: no + mode: 0600 + +- name: "Configure postfix: sasl_passwd" + tags: postfix-satellite-config + no_log: yes + lineinfile: + dest: /etc/postfix/sasl_passwd + line: "{{ item.host }} {{ item.username }}:{{ item.password }}" + regexp: "^{{ item.host|regex_escape() }}" + with_items: "{{ postfix.sasl_password }}" + notify: postmap /etc/postfix/sasl_passwd + +- name: Enable postfix service + service: + name: postfix + state: started + enabled: yes + +- name: Remove old /etc/postfix/sasl directory + file: + state: absent + path: "/etc/postfix/sasl" |