📗 Ansible playbooks and roles for building an idempotent, interconnected and scalable infrastructure
ansible-playbooks/roles/proxmox/tasks/mail.yml


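---
# Configure outbound mail on the host: Postfix relays everything through the
# internal MTA using SASL authentication over implicit TLS (port 465), cron
# mail is disabled, and ZED (the ZFS event daemon) is given a notification
# address. The whole block is skipped unless both mail_account and
# mail_server are defined as mappings.
- block:
    # Presumably needed so the Postfix SMTP client has SASL mechanisms
    # available for smtp_sasl_auth_enable below; verify against the base image.
    - name: install libsasl2-modules
      package:
        name: libsasl2-modules

    # One main.cf parameter per loop item. The regexp matches an existing
    # "name = ..." line ([^\S\r\n]* is horizontal whitespace only), so an
    # existing setting is replaced instead of a duplicate being appended.
    - name: edit postfix config
      lineinfile:
        path: /etc/postfix/main.cf
        regexp: '^{{ item.name | regex_escape() }}([^\S\r\n]*)=([^\S\r\n]*)'
        line: '{{ item.name }} = {{ item.value }}'
      notify: restart postfix
      loop:
        - { name: myhostname, value: "{{ host_fqdn }}" }
        - { name: relayhost, value: "{{ mail_server.mta_actual_hostname ~ '.' ~ int_tld }}:465" }
        - { name: sender_canonical_classes, value: "envelope_sender, header_sender" }
        - { name: sender_canonical_maps, value: "regexp:/etc/postfix/sender_canonical_maps" }
        - { name: smtp_header_checks, value: "regexp:/etc/postfix/header_check" }
        - { name: smtp_use_tls, value: "yes" }
        # Never authenticate with an anonymous SASL mechanism.
        - { name: smtp_sasl_auth_enable, value: "yes" }
        - { name: smtp_sasl_security_options, value: "noanonymous" }
        # Implicit TLS: the session is wrapped from the first byte, matching
        # the :465 relayhost port above.
        - { name: smtp_tls_wrappermode, value: "yes" }
        # NOTE(review): "encrypt" makes TLS mandatory but does not verify the
        # relay's certificate, so the SASL credentials are sent to whichever
        # host answers on that name. smtp_tls_CAfile is already set; consider
        # "verify" or "secure" once the relay certificate is confirmed to
        # match the relayhost name.
        - { name: smtp_tls_security_level, value: "encrypt" }
        - { name: smtp_sasl_password_maps, value: "texthash:/etc/postfix/sasl_passwd" }
        - { name: smtp_tls_CAfile, value: "/etc/ssl/certs/ca-certificates.crt" }
        - { name: notify_classes, value: "" }
        - { name: mydestination, value: "" }

    # Point the bounce service at the discard transport so bounce
    # notifications are dropped.
    - name: edit master.cf
      lineinfile:
        path: /etc/postfix/master.cf
        regexp: '^bounce([^\S\r\n]+)unix'
        line: 'bounce unix - - n - 0 discard'
      notify: restart postfix

    # Write the lookup tables referenced from main.cf. sasl_passwd stores the
    # relay account password in clear text (texthash is a plain-text table),
    # hence mode 0600; the other two files keep the module's default mode.
    - name: create postfix files
      copy:
        dest: "/etc/postfix/{{ item.name }}"
        content: "{{ item.content }}"
        mode: "{{ item.mode | d(omit) }}"
      notify: restart postfix
      # The sasl_passwd loop item carries mail_account.password; without
      # no_log the item (and any diff) would be printed in task output and
      # end up in controller logs. This also silences the two other items.
      no_log: true
      loop:
        - name: sasl_passwd
          content: "{{ mail_server.mta_actual_hostname ~ '.' ~ int_tld ~ ':465 ' ~
            mail_account.username ~ '@' ~ mail_server.tld ~ ':' ~ mail_account.password }}"
          mode: '0600'
        # Rewrite every sender address to <host_name>@<mail_server.tld>.
        - name: sender_canonical_maps
          content: '/.+/ {{ host_name }}@{{ mail_server.tld }}'
        # Replace any From: header with the host's own display name/address.
        - name: header_check
          content: '/From:.*/ REPLACE From: {{ host_name }} <{{ host_name }}@{{ mail_server.tld }}>'

    # An empty MAILTO stops cron from mailing job output.
    - name: edit crontab mail config
      lineinfile:
        path: /etc/crontab
        regexp: '^MAILTO='
        line: 'MAILTO=""'
        insertafter: '^PATH='

    # Set the ZED mail options; keys are written upper-cased as NAME="value".
    # The regexp only matches uncommented NAME= lines, so a commented-out
    # default in zed.rc is left in place and the setting is appended.
    - name: edit zed config file
      lineinfile:
        path: /etc/zfs/zed.d/zed.rc
        regexp: '^{{ item.name | upper | regex_escape() }}='
        line: '{{ item.name | upper }}="{{ item.value }}"'
      notify: restart zed
      loop:
        - { name: zed_email_addr, value: "{{ maintainer_email }}" }
        - { name: zed_email_prog, value: mail }
        - { name: zed_email_opts, value: "-s '@SUBJECT@' @ADDRESS@ -r {{ mail_account.username ~ '@' ~ mail_server.tld }}" }
        - { name: zed_notify_verbose, value: 1 }
  when: (mail_account is mapping) and (mail_server is mapping)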