From 3bd270c9e8605e2c24a3049c55c5b2f7760185f4 2016-11-26 21:47:16 From: Branko Majic Date: 2016-11-26 21:47:16 Subject: [PATCH] MAR-78: Implement ability to specify local mail aliases in the mail_server role. --- diff --git a/docs/rolereference.rst b/docs/rolereference.rst index 4901de7332b66625b1e1c9c38b72fcc846534ffd..ae107deb91ca7d06c7d86868d0fde0f2f35f8d5e 100644 --- a/docs/rolereference.rst +++ b/docs/rolereference.rst @@ -842,6 +842,7 @@ The role implements the following: * Deploys IMAP/SMTP TLS private keys and certificates. * Installs and configures Dovecot, Postfix, ClamAV, and ClamAV Milter. * Purges Exim4 configuration (just in case). +* Sets-up aliases for the local recipients. * Installs SWAKS (utility for testing SMTP servers). * Sets-up the necessary directories and files under Postfix chroot. * Configures firewall to allow incoming connections to the mail server. This @@ -970,6 +971,13 @@ Parameters Private key used for TLS for IMAP service. The file will be stored in directory ``/etc/ssl/private/`` under name ``{{ ansible_fqdn }}_imap.key``. +**local_mail_aliases** (dictionary, optional, ``[]``) + Dictionary defining the local aliases. Aliases defined this way will either be + appended to default aliases on the server, or replace the existing entries (if + the alias/recipient is already present). Keys in the dictionary are the local + recipients/aliases, while the value provided should be a space-separated list + of mail addresses (or local users) where the mails should be forwarded. + **smtp_tls_certificate** (string, optional, ``{{ lookup('file', tls_certificate_dir + '/' ansible_fqdn + '_smtp.pem') }}``) X.509 certificate used for TLS for SMTP service. The file will be stored in directory ``/etc/ssl/certs/`` under name ``{{ ansible_fqdn }}_smtp.pem``. 
@@ -1015,6 +1023,11 @@ Here is an example configuration for setting-up XMPP server using Prosody: mail_user_uid: 5000 mail_user_gid: 5000 + # All mails sent to local user root will be forwarded to external account as + # well. + local_mail_aliases: + root: "root john.doe@example.com" + imap_tls_certificate: "{{ lookup('file', '~/tls/mail.example.com_imap.pem') }}" imap_tls_key: "{{ lookup('file', '~/tls/mail.example.com_imap.key') }}" smtp_tls_certificate: "{{ lookup('file', '~/tls/mail.example.com_smtp.pem') }}" diff --git a/roles/mail_server/defaults/main.yml b/roles/mail_server/defaults/main.yml index ce8c33f6019085420b53ef5e37da9c6f9e37973e..0a82f336472c200eead62bc6f76e3e95f97e47ce 100644 --- a/roles/mail_server/defaults/main.yml +++ b/roles/mail_server/defaults/main.yml @@ -10,4 +10,5 @@ smtp_tls_key: "{{ lookup('file', tls_private_key_dir + '/' + ansible_fqdn + '_sm imap_folder_separator: "/" smtp_rbl: [] mail_postmaster: "postmaster@{{ ansible_domain }}" -smtp_allow_relay_from: [] \ No newline at end of file +smtp_allow_relay_from: [] +local_mail_aliases: [] \ No newline at end of file diff --git a/roles/mail_server/handlers/main.yml b/roles/mail_server/handlers/main.yml index 059dbba606abaa235f70bcf526d8b5817fd82667..af8ed96efb305add75143e746b0133cbea7e9cda 100644 --- a/roles/mail_server/handlers/main.yml +++ b/roles/mail_server/handlers/main.yml @@ -8,3 +8,6 @@ - name: Restart ClamAV Milter service: name="clamav-milter" state=restarted + +- name: Rebuild mail aliases + command: /usr/bin/newaliases diff --git a/roles/mail_server/tasks/main.yml b/roles/mail_server/tasks/main.yml index e2acb4cd2334a6c45cd1fe2a0ef220d6e0d4fff1..a72994ecc06c57515a27b0366288c0d760908670 100644 --- a/roles/mail_server/tasks/main.yml +++ b/roles/mail_server/tasks/main.yml 
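Review bot: In roles/mail_server/defaults/main.yml the new default `local_mail_aliases: []` is an empty list, while the task added in roles/mail_server/tasks/main.yml consumes the variable through `with_dict` and rolereference.rst documents it as a dictionary. Depending on the Ansible version, `with_dict` may reject a value that is not a mapping, so a host that never sets the variable could fail on the alias task instead of skipping it; that part is inferred rather than shown in the diff. I would change the line to `local_mail_aliases: {}` and update the documented default in rolereference.rst to match.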
@@ -95,6 +95,16 @@ notify: - Restart Postfix +- name: Set-up local mail aliases + lineinfile: + dest: "/etc/aliases" + line: "{{ item.key }}: {{ item.value }}" + regexp: "^{{ item.key }}" + state: present + with_dict: "{{ local_mail_aliases }}" + notify: + - Rebuild mail aliases + - name: Create mail owner group group: name="{{ mail_user }}" gid="{{ mail_user_gid | default(omit) }}" state=present diff --git a/testsite/group_vars/mail.yml b/testsite/group_vars/mail.yml index 0d61b3af58f28895f2f38f532f407f927bc3cf8f..6f850c65528a179e426789ffcd7ae2fada1a720a 100644 --- a/testsite/group_vars/mail.yml +++ b/testsite/group_vars/mail.yml @@ -10,6 +10,9 @@ mail_user: vmail mail_user_uid: 5000 mail_user_gid: 5000 +local_mail_aliases: + root: "root john.doe@{{ testsite_domain }}" + imap_tls_certificate: "{{ lookup('file', inventory_dir + '/tls/mail.' + testsite_domain + '_imap.pem') }}" imap_tls_key: "{{ lookup('file', inventory_dir + '/tls/mail.' + testsite_domain + '_imap.key') }}" smtp_tls_certificate: "{{ lookup('file', inventory_dir + '/tls/mail.' + testsite_domain + '_smtp.pem') }}"
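Review bot: In the `Set-up local mail aliases` task in roles/mail_server/tasks/main.yml, `regexp: "^{{ item.key }}"` is a prefix match that uses the key as a raw regular expression, so it is not limited to the alias it is meant to manage. A key such as `root` also matches the line of any alias that merely starts with `root`, and `lineinfile` then rewrites that line, silently dropping an unrelated entry from `/etc/aliases`; keys containing `.` or other metacharacters match more loosely still. I would anchor on the separator and escape the key: `regexp: "^{{ item.key | regex_escape }}:"`. Because the values are written verbatim into `/etc/aliases`, where an entry can also name a command or an include file, a comment on the task should state that `local_mail_aliases` must come only from trusted inventory.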