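# Outbound-only mail setup: Postfix relays everything through the central mail
# server over implicit TLS (port 465) with SASL authentication, and cron and
# ZED are pointed at that path. The whole block is skipped unless both
# mail_account and mail_server are defined as mappings.
- block:
    # Provides the SASL mechanism plugins that smtp_sasl_auth_enable relies on.
    - name: install libsasl2-modules
      package:
        name: libsasl2-modules

    # Each loop item replaces (or appends) one "name = value" line in main.cf.
    - name: edit postfix config
      lineinfile:
        path: /etc/postfix/main.cf
        regexp: '^{{ item.name | regex_escape() }}([^\S\r\n]*)=([^\S\r\n]*)'
        line: '{{ item.name }} = {{ item.value }}'
      notify: restart postfix
      loop:
        - { name: myhostname, value: "{{ host_fqdn }}" }
        - { name: relayhost, value: "{{ mail_server.mta_actual_hostname ~ '.' ~ int_tld }}:465" }
        - { name: sender_canonical_classes, value: "envelope_sender, header_sender" }
        - { name: sender_canonical_maps, value: "regexp:/etc/postfix/sender_canonical_maps" }
        - { name: smtp_header_checks, value: "regexp:/etc/postfix/header_check" }
        # Legacy switch; smtp_tls_security_level below overrides it when set.
        - { name: smtp_use_tls, value: "yes" }
        - { name: smtp_sasl_auth_enable, value: "yes" }
        - { name: smtp_sasl_security_options, value: "noanonymous" }
        # Wrapper mode = TLS from the first byte, matching the :465 relayhost.
        - { name: smtp_tls_wrappermode, value: "yes" }
        # NOTE(review): "encrypt" makes TLS mandatory but does not enforce
        # verification of the relay's certificate, so the SASL credentials are
        # not protected against an impostor relay and smtp_tls_CAfile is not
        # enforced at this level. Consider "verify" or "secure" once the
        # relay's certificate name is confirmed to match relayhost.
        - { name: smtp_tls_security_level, value: "encrypt" }
        - { name: smtp_sasl_password_maps, value: "texthash:/etc/postfix/sasl_passwd" }
        - { name: smtp_tls_CAfile, value: "/etc/ssl/certs/ca-certificates.crt" }
        # Empty values: no postmaster notices and no locally delivered domains.
        - { name: notify_classes, value: "" }
        - { name: mydestination, value: "" }

    # Route the bounce service to discard so bounce messages are dropped.
    - name: edit master.cf
      lineinfile:
        path: /etc/postfix/master.cf
        regexp: '^bounce([^\S\r\n]+)unix'
        line: 'bounce unix - - n - 0 discard'
      notify: restart postfix

    # Writes the lookup tables referenced from main.cf above.
    - name: create postfix files
      copy:
        dest: "/etc/postfix/{{ item.name }}"
        content: "{{ item.content }}"
        # Only sasl_passwd sets a mode; the other files get the module default.
        mode: "{{ item.mode | d(omit) }}"
      notify: restart postfix
      # The sasl_passwd item carries mail_account.password in clear text;
      # no_log keeps the loop items and rendered content out of task output,
      # diffs and logs (at the cost of hiding all three items).
      no_log: true
      loop:
        - name: sasl_passwd
          content: "{{ mail_server.mta_actual_hostname ~ '.' ~ int_tld ~ ':465 ' ~
            mail_account.username ~ '@' ~ mail_server.tld ~ ':' ~ mail_account.password }}"
          mode: '0600'
        # Rewrites every sender address to <host_name>@<tld>.
        - name: sender_canonical_maps
          content: '/.+/ {{ host_name }}@{{ mail_server.tld }}'
        # NOTE(review): the pattern is unanchored, so it also matches other
        # header lines that contain "From:"; '/^From:.*/' would limit it to
        # the From header. Confirm intent before changing.
        - name: header_check
          content: '/From:.*/ REPLACE From: {{ host_name }} <{{ host_name }}@{{ mail_server.tld }}>'

    # An empty MAILTO stops cron from mailing job output.
    - name: edit crontab mail config
      lineinfile:
        path: /etc/crontab
        regexp: '^MAILTO='
        line: 'MAILTO=""'
        insertafter: '^PATH='

    # Sets the upper-cased ZED_* variables in zed.rc, one per loop item.
    - name: edit zed config file
      lineinfile:
        path: /etc/zfs/zed.d/zed.rc
        regexp: '^{{ item.name | upper | regex_escape() }}='
        line: '{{ item.name | upper }}="{{ item.value }}"'
      notify: restart zed
      loop:
        - { name: zed_email_addr, value: "{{ maintainer_email }}" }
        - { name: zed_email_prog, value: mail }
        - { name: zed_email_opts, value: "-s '@SUBJECT@' @ADDRESS@ -r {{ mail_account.username ~ '@' ~ mail_server.tld }}" }
        - { name: zed_notify_verbose, value: 1 }

  when: (mail_account is mapping) and (mail_server is mapping)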