# Build the effective Dovecot settings: dovecot_default_config is the base and
# dovecot_config is overlaid on it recursively. Either variable may be
# undefined; d({}) substitutes an empty mapping in that case.
- name: set dovecot_cfg
  set_fact:
    dovecot_cfg: >-
      {{ dovecot_default_config | d({}) | combine(dovecot_config | d({}), recursive=true) }}
# Install the Dovecot packages through the shared install_packages task file,
# which receives the list as the `package` variable.
- name: install dovecot
  include_tasks: tasks/install_packages.yml
  vars:
    package:
      - dovecot
      - dovecot-lmtpd
      - dovecot-openrc
      - dovecot-pgsql
      - dovecot-pigeonhole-plugin
# Create the account and group the Dovecot service itself is configured to use;
# the actual creation logic lives in tasks/create_user.yml.
- name: create user and group
  include_tasks: tasks/create_user.yml
  vars:
    user:
      name: "{{ dovecot_user }}"
      group: "{{ dovecot_group }}"
# Create the separate mail-storage account and group. Later tasks in this file
# give this identity ownership of the mail dir, the sieve dir and the plugin
# configuration files.
- name: create dovemail user and group
  include_tasks: tasks/create_user.yml
  vars:
    user:
      name: "{{ dovecot_mail_user }}"
      group: "{{ dovecot_mail_group }}"
# Create the dovenull account. Only a name is passed, so the group is whatever
# tasks/create_user.yml picks when none is given.
# NOTE(review): presumably this is Dovecot's unprivileged login-process user;
# confirm create_user.yml gives it no login shell and no extra groups.
- name: create dovenull user and group
  include_tasks: tasks/create_user.yml
  vars:
    user:
      name: "{{ dovecot_null_user }}"
# Configuration directory, owned by the service account. 0755 lets any local
# user list and traverse it, so confidentiality of the settings relies on the
# per-file modes applied when the files are templated.
- name: create dovecot conf dir
  file:
    path: "{{ dovecot_conf_dir }}"
    state: directory
    # Quoted so the value reaches the module as an octal string.
    mode: '0755'
    owner: "{{ dovecot_user }}"
    group: "{{ dovecot_group }}"
# Directory for TLS material, accessible to its owner only (0700).
# NOTE(review): no owner/group is set, so ownership follows the file module's
# defaults (the connecting user on creation, unchanged if the directory already
# exists). Confirm that resolves to root, and consider pinning it explicitly.
- name: create dovecot tls dir
  file:
    path: "{{ dovecot_tls_dir }}"
    state: directory
    mode: '0700'
# Mail storage root, owned by the mail account.
- name: create dovecot mail dir
  file:
    path: "{{ dovecot_mail_dir }}"
    state: directory
    # Symbolic mode: adds setgid and removes every permission for "other".
    # The user and group rwx bits are not stated, so they stay as created
    # (umask-dependent) or as they already are on an existing directory.
    mode: "g+s,o-rwx"
    owner: "{{ dovecot_mail_user }}"
    group: "{{ dovecot_mail_group }}"
# Directory for sieve scripts, owned by the mail account. 0755 lets other
# local users list it; the scripts themselves are written 0400 by the
# templating task.
- name: create dovecot sieve dir
  file:
    path: "{{ dovecot_sieve_dir }}"
    state: directory
    mode: '0755'
    owner: "{{ dovecot_mail_user }}"
    group: "{{ dovecot_mail_group }}"
# Delegate Diffie-Hellman parameter generation to the `ca` role; the output
# path is dovecot_tls_dh2048 and the file is requested read-only (0400).
# NOTE(review): the listing this was recovered from had lost its indentation.
# `notify` is placed inside dh_params because include_role does not take a
# task-level notify; confirm against the ca role's expected variables.
- name: generate dh params
  include_role:
    name: ca
  vars:
    function: dhparams
    dh_params:
      path: "{{ dovecot_tls_dh2048 }}"
      mode: '0400'
      remote_gen: true
      notify: restart dovecot
# Delete packaged defaults from the configuration directory so that only the
# files templated by this role remain. `state: absent` removes conf.d
# recursively.
- name: remove unneeded dovecot files
  file:
    path: "{{ dovecot_conf_dir ~ '/' ~ item }}"
    state: absent
  loop:
    - conf.d
    - dovecot-dict-auth.conf.ext
    - dovecot-oauth2.conf.ext
    - dovecot-openssl.cnf
    - users
  notify: restart dovecot
# Look up the mail account in the passwd database; the getent module stores
# the result in the getent_passwd fact. The lookup is read-only, so it never
# reports a change.
- name: get dovemail user info
  getent:
    database: passwd
    key: "{{ dovecot_mail_user }}"
  changed_when: false
# Record the mail account's numeric uid. getent_passwd maps the user name to
# the remaining passwd fields, so index 0 is the password placeholder and
# index 1 is the uid.
- name: set dovemail uid
  set_fact:
    dovecot_dovemail_uid: "{{ getent_passwd[dovecot_mail_user][1] }}"
# Render the Dovecot configuration files. A loop item is either
#   - a plain string NAME: src NAME.j2 -> <conf dir>/NAME.conf.ext, mode 0400
#   - a mapping with src/dest and optional mode (0400 when omitted)
# No owner/group is set here; a later task re-owns the plugin files.
- name: template dovecot configuration
  template:
    src: "{{ item if item is string else item.src }}.j2"
    dest: "{{ dovecot_conf_dir ~ '/' ~ ((item ~ '.conf.ext') if item is string else item.dest) }}"
    force: true
    mode: "{{ '0400' if (item is string) else (item.mode | d('0400')) }}"
    lstrip_blocks: true
  loop:
    # NOTE(review): 0444 makes this file readable by every local user. Dict
    # SQL configs commonly hold a database connect string; confirm the
    # template carries no credentials, or tighten the mode.
    - src: dovecot-dict-sql
      dest: dovecot-dict-sql.conf.ext
      mode: '0444'
    - dovecot-sql
    - dovecot-trash
    - src: dovecot-acl
      dest: dovecot.acl
    - src: dovecot
      dest: dovecot.conf
  notify: restart dovecot
# Hand the plugin configuration files to the mail account. `state: file`
# makes the task fail if a listed path does not exist instead of creating it.
# dovecot.conf is deliberately not in the list and keeps the ownership it got
# when it was templated.
- name: edit permissions of dovecot plugin files
  file:
    path: "{{ dovecot_conf_dir ~ '/' ~ item }}"
    state: file
    owner: "{{ dovecot_mail_user }}"
    group: "{{ dovecot_mail_group }}"
  loop:
    - dovecot.acl
    - dovecot-sql.conf.ext
    - dovecot-trash.conf.ext
    - dovecot-dict-sql.conf.ext
  notify: restart dovecot
# Render each entry of dovecot_sieve_scripts (an empty list when undefined)
# into <sieve dir>/<dest>.sieve, readable only by the mail account. The
# registered `result` tells the compile task whether any script changed.
- name: template sieve scripts
  template:
    src: "{{ item.src }}.j2"
    dest: "{{ dovecot_sieve_dir ~ '/' ~ item.dest ~ '.sieve' }}"
    force: true
    mode: '0400'
    owner: "{{ dovecot_mail_user }}"
    group: "{{ dovecot_mail_group }}"
  loop: "{{ dovecot_sieve_scripts | d([]) }}"
  register: result
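# Compile the sieve scripts whenever the templating task changed one of them.
# The command module with argv runs sievec directly, so the directory path is
# passed as a single argument without going through a shell and needs no
# quoting filter.
# NOTE(review): sievec runs as the task's user, so the compiled .svbin files
# may not belong to the mail account until the later permission task runs.
- name: compile scripts
  command:
    argv:
      - sievec
      - "{{ dovecot_sieve_dir ~ '/' }}"
  when: result.changed
  notify: restart dovecot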
# List compiled sieve binaries under the sieve directory (at most three levels
# deep) so their permissions can be normalised by the next task.
- name: collect svbin files
  find:
    paths: "{{ dovecot_sieve_dir }}/"
    patterns: '*.svbin'
    recurse: true
    depth: 3
  register: svbin_files
# Give every compiled sieve binary found above to the mail account and make it
# read-only for that account (0400), matching the source scripts.
- name: change svbin permissions
  file:
    path: "{{ item.path }}"
    mode: '0400'
    owner: "{{ dovecot_mail_user }}"
    group: "{{ dovecot_mail_group }}"
  loop: "{{ svbin_files.files | d([]) | flatten(levels=1) }}"
  notify: restart dovecot
# When a separate client-facing hostname is configured, publish it through the
# `ns` role as a CNAME pointing at this host's FQDN. The role's default record
# is suppressed.
- name: add extra cname record
  include_role:
    name: ns
  vars:
    function: add_records
    ns_add_default_record: false
    ns_records:
      - name: "{{ mail_server.mua_actual_hostname }}"
        type: CNAME
        value: "{{ host_fqdn }}"
  when: mail_server.mua_actual_hostname is defined
# Deploy an ECC and an RSA certificate/key pair through the `certs` role, with
# files owned by root:root and Dovecot restarted afterwards.
# NOTE(review): the listing this was recovered from had lost its indentation.
# `notify` and `hostname` are placed under `common` and `certs` beside it;
# confirm against the certs role's expected variables.
# NOTE(review): hostname uses mail_server.mua_actual_hostname without the
# `is defined` guard that the CNAME task has; confirm the role copes with it
# being undefined.
- name: deploy certs
  include_role:
    name: certs
  vars:
    common:
      owner: root
      group: root
      post_hook: service dovecot restart
      notify: restart dovecot
      hostname: "{{ mail_server.mua_actual_hostname }}"
    certs:
      - cert: "{{ dovecot_tls_int_ecc384_cert }}"
        key: "{{ dovecot_tls_int_ecc384_key }}"
        ecc: true
      - cert: "{{ dovecot_tls_int_rsa2048_cert }}"
        key: "{{ dovecot_tls_int_rsa2048_key }}"
        ecc: false
# Run any pending "restart dovecot" notification now, before the remaining
# tasks, rather than at the end of the play.
- name: flush handlers
  meta: flush_handlers
# Register the configuration, TLS, sieve and script directories with the
# `backup` role.
# NOTE(review): dovecot_tls_dir is in the list, so any private keys stored
# there become part of the backup set; confirm the backup destination is
# protected to the same level as the keys.
- name: add directories to backup plan
  include_role:
    name: backup
  vars:
    function: add
    backup_items:
      - "{{ dovecot_conf_dir }}"
      - "{{ dovecot_tls_dir }}"
      - "{{ dovecot_sieve_dir }}"
      - "{{ dovecot_script_dir }}"
# Opt-in backup of the mail store: it is added only when
# dovecot_backup_mail_dir compares equal to true (the variable defaults to
# false when undefined).
- name: add mail dir to backup plan
  include_role:
    name: backup
  vars:
    function: add
    backup_items:
      - "{{ dovecot_mail_dir }}"
  when: dovecot_backup_mail_dir | d(false) == true
# Enable the dovecot service at boot and make sure it is running now.
- name: enable and start dovecot
  service:
    name: dovecot
    enabled: true
    state: started