diff options
Diffstat (limited to 'ansible/roles')
-rw-r--r-- | ansible/roles/postfix/defaults/main.yml | 1 | ||||
-rw-r--r-- | ansible/roles/postfix/handlers/main.yml | 11 | ||||
-rw-r--r-- | ansible/roles/postfix/tasks/main.yml | 47 |
3 files changed, 59 insertions, 0 deletions
diff --git a/ansible/roles/postfix/defaults/main.yml b/ansible/roles/postfix/defaults/main.yml new file mode 100644 index 0000000..72e4e25 --- /dev/null +++ b/ansible/roles/postfix/defaults/main.yml @@ -0,0 +1 @@ +postfix__is_satellite: yes diff --git a/ansible/roles/postfix/handlers/main.yml b/ansible/roles/postfix/handlers/main.yml new file mode 100644 index 0000000..95324ef --- /dev/null +++ b/ansible/roles/postfix/handlers/main.yml @@ -0,0 +1,11 @@ +- name: reload postfix + service: name=postfix state=reloaded + become: yes + +- name: postmap /etc/postfix/sasl_passwd + become: yes + shell: postmap /etc/postfix/sasl_passwd + +- name: postalias /etc/aliases + become: yes + shell: postalias /etc/aliases diff --git a/ansible/roles/postfix/tasks/main.yml b/ansible/roles/postfix/tasks/main.yml new file mode 100644 index 0000000..31ff3a2 --- /dev/null +++ b/ansible/roles/postfix/tasks/main.yml @@ -0,0 +1,47 @@ +- tags: postfix-config + become: yes + block: + - name: "Configure postfix: main.cf" + notify: reload postfix + with_items: + - key: "smtp_sasl_auth_enable" + value: "yes" + - key: "smtp_sasl_password_maps" + value: "hash:/etc/postfix/sasl_passwd" + - key: "smtp_sasl_security_options" + value: "noanonymous" + - key: "smtp_tls_security_level" + value: "{{ 'encrypt' if postfix__is_satellite else 'may' }}" + lineinfile: + dest: /etc/postfix/main.cf + line: "{{ item.key }} = {{ item.value }}" + regexp: "^{{ item.key }} =" + - name: "Configure postfix: main.cf (relayhost)" + when: postfix__relayhost is defined + notify: reload postfix + with_items: + - key: "relayhost" + value: "{{ postfix__relayhost }}" + lineinfile: + dest: /etc/postfix/main.cf + line: "{{ item.key }} = {{ item.value }}" + regexp: "^{{ item.key }} =" + +- tags: postfix-config + when: postfix__sasl_password is defined + become: yes + block: + - name: Create /etc/postfix/sasl_passwd + copy: + dest: /etc/postfix/sasl_passwd + content: "" + force: no + mode: 0600 + + - name: "Configure postfix: sasl_passwd" + notify: postmap /etc/postfix/sasl_passwd + with_items: "{{ postfix__sasl_password }}" + lineinfile: + dest: /etc/postfix/sasl_passwd + line: "{{ item.host }} {{ item.username }}:{{ item.password }}" + regexp: "^{{ item.host|regex_escape() }}" |