aboutsummaryrefslogtreecommitdiff
path: root/ansible/roles/postfix-satellite/tasks
diff options
context:
space:
mode:
Diffstat (limited to 'ansible/roles/postfix-satellite/tasks')
-rw-r--r--ansible/roles/postfix-satellite/tasks/main.yml4
-rw-r--r--ansible/roles/postfix-satellite/tasks/postfix-satellite.yml70
2 files changed, 74 insertions, 0 deletions
diff --git a/ansible/roles/postfix-satellite/tasks/main.yml b/ansible/roles/postfix-satellite/tasks/main.yml
new file mode 100644
index 0000000..3aeb3cc
--- /dev/null
+++ b/ansible/roles/postfix-satellite/tasks/main.yml
@@ -0,0 +1,4 @@
+---
+- tags: postfix-satellite
+ become: true
+ include: postfix-satellite.yml
diff --git a/ansible/roles/postfix-satellite/tasks/postfix-satellite.yml b/ansible/roles/postfix-satellite/tasks/postfix-satellite.yml
new file mode 100644
index 0000000..46f2fea
--- /dev/null
+++ b/ansible/roles/postfix-satellite/tasks/postfix-satellite.yml
@@ -0,0 +1,70 @@
+- name: Update apt cache
+ apt:
+ update_cache: yes
+ cache_valid_time: 3600
+- name: Install package
+ package:
+ name: "{{ item }}"
+ state: present
+ with_items:
+ - postfix
+ - libsasl2-modules
+ - swaks
+
+- name: "Configure postfix: main.cf"
+ tags: postfix-satellite-config
+ notify: reload postfix
+ lineinfile:
+ dest: /etc/postfix/main.cf
+ line: "{{ item.key }} = {{ item.value }}"
+ regexp: "^{{ item.key }} ="
+ with_items:
+ - key: "mydomain"
+ value: "bitraf.no"
+ - key: "myorigin"
+ value: "bitraf.no"
+ - key: "mydestination"
+ value: ""
+ - key: "smtp_sasl_auth_enable"
+ value: "yes"
+ - key: "smtp_sasl_password_maps"
+ value: "hash:/etc/postfix/sasl_passwd"
+ - key: "smtp_sasl_security_options"
+ value: "noanonymous"
+ - key: "smtp_sasl_tls_security_options"
+ value: "noanonymous"
+ - key: "smtp_tls_security_level"
+ value: "encrypt"
+ - key: "header_size_limit"
+ value: "4096000"
+ - key: "relayhost"
+ value: "{{ postfix__relayhost }}"
+
+- name: Create /etc/postfix/sasl_passwd
+ tags: postfix-satellite-config
+ copy:
+ dest: /etc/postfix/sasl_passwd
+ content: ""
+ force: no
+ mode: 0600
+
+- name: "Configure postfix: sasl_passwd"
+ tags: postfix-satellite-config
+ no_log: yes
+ lineinfile:
+ dest: /etc/postfix/sasl_passwd
+ line: "{{ item.host }} {{ item.username }}:{{ item.password }}"
+ regexp: "^{{ item.host|regex_escape() }}"
+ with_items: "{{ postfix.sasl_password }}"
+ notify: postmap /etc/postfix/sasl_passwd
+
+- name: Enable postfix service
+ service:
+ name: postfix
+ state: started
+ enabled: yes
+
+- name: Remove old /etc/postfix/sasl directory
+ file:
+ state: absent
+ path: "/etc/postfix/sasl"