Files
@ 17cf34f73ca6
Branch filter:
Location: majic-ansible-roles/roles/mail_forwarder/tasks/main.yml - annotation
17cf34f73ca6
1.5 KiB
text/x-yaml
MAR-28: Implemented additional tests for mail_server role:
- Deploy a number of tools on clients in order to test SMTP, IMAP, and Sieve
services.
- Added one more user to LDAP directory for testing group restrictions.
- Deploy CA certificate on all testing machines for TLS validation purposes.
- Use different custom-configured cipher for mail server ciphers.
- Fixed invalid postmaster address for parameters-optional host.
- Deploy configuration files for use with Imap-CLI on client test machines.
- Updated testing of SMTP server to include checks for users that do not belong
to mail group.
- Extended some SMTP-related tests to cover both test servers.
- Some small fixes in SMTP-related tests for expected output from commands.
- Implemented tests covering Dovecot (IMAP + Sieve) functionality.
- Implemented tests for running/enabled services.
- Implemented tests for ClamAV.
- Implemented tests for firewall and connectivity.
- Implemented tests for Postfix TLS configuration.
- TODO: Tests for Sieve TLS configuration have not been written yet due to
limitation of available tools.
- Deploy a number of tools on clients in order to test SMTP, IMAP, and Sieve
services.
- Added one more user to LDAP directory for testing group restrictions.
- Deploy CA certificate on all testing machines for TLS validation purposes.
- Use different custom-configured cipher for mail server ciphers.
- Fixed invalid postmaster address for parameters-optional host.
- Deploy configuration files for use with Imap-CLI on client test machines.
- Updated testing of SMTP server to include checks for users that do not belong
to mail group.
- Extended some SMTP-related tests to cover both test servers.
- Some small fixes in SMTP-related tests for expected output from commands.
- Implemented tests covering Dovecot (IMAP + Sieve) functionality.
- Implemented tests for running/enabled services.
- Implemented tests for ClamAV.
- Implemented tests for firewall and connectivity.
- Implemented tests for Postfix TLS configuration.
- TODO: Tests for Sieve TLS configuration have not been written yet due to
limitation of available tools.
7ab6518de03b 7ab6518de03b 7ab6518de03b 7ab6518de03b 61e6cfb81789 61e6cfb81789 61e6cfb81789 7ab6518de03b 1b05bae8e440 1b05bae8e440 1b05bae8e440 1b05bae8e440 bf96a77e88ab bf96a77e88ab bf96a77e88ab bf96a77e88ab bf96a77e88ab bf96a77e88ab 7ab6518de03b 7ab6518de03b 7ab6518de03b 7ab6518de03b 7ab6518de03b 7ab6518de03b 7ab6518de03b 7ab6518de03b 7ab6518de03b 7ab6518de03b 7ab6518de03b 922cda0a1834 7ab6518de03b 7ab6518de03b c9b8c60fbd5e a561d73e3242 a561d73e3242 a561d73e3242 a561d73e3242 a561d73e3242 a561d73e3242 a561d73e3242 a561d73e3242 13fd27e4004c 13fd27e4004c 13fd27e4004c 13fd27e4004c 13fd27e4004c 13fd27e4004c c9b8c60fbd5e c9b8c60fbd5e 7387caca37f3 7387caca37f3 7387caca37f3 7387caca37f3 7387caca37f3 7387caca37f3 | ---
- name: Install Postfix
apt: name="postfix" state=installed
- name: Purge Exim configuration
apt: name="exim4*" state=absent purge=yes
- name: Deploy the SMTP relay TLS truststore
copy: content="{{ smtp_relay_truststore }}" dest="/etc/ssl/certs/smtp_relay_truststore.pem"
owner=root group=root mode=644
- name: Configure visible mail name of the system
copy: content="{{ inventory_hostname }}\n" dest="/etc/mailname"
owner=root group=root mode=0644
notify:
- Restart Postfix
- name: Deploy Postfix main configuration
template: src="main.cf.j2" dest="/etc/postfix/main.cf"
notify:
- Restart Postfix
- name: Set-up local mail aliases
lineinfile:
dest: "/etc/aliases"
line: "{{ item.key }}: {{ item.value }}"
regexp: "^{{ item.key }}"
state: present
with_dict: "{{ local_mail_aliases }}"
notify:
- Rebuild mail aliases
- name: Enable Postfix service on boot (workaround for systemctl broken handling of SysV)
command: rcconf -on postfix
register: result
changed_when: result.stderr == ""
- name: Enable postfix service
service: name=postfix state=started
- name: Deploy firewall configuration for mail forwader
template: src="ferm_mail.conf.j2" dest="/etc/ferm/conf.d/20-mail.conf"
owner=root group=root mode=640
notify:
- Restart ferm
- name: Install SWAKS
apt: name="swaks" state=installed
- name: Explicitly run all handlers
include: ../handlers/main.yml
when: "handlers | default(False) | bool() == True"
tags:
- handlers
|