From a22f3d46ff21d4761bea828fae4180f95da4a76d 2025-02-02 19:09:02 From: Branko Majic Date: 2025-02-02 19:09:02 Subject: [PATCH] MAR-243: Fixed incorrect usage of inventory naming in mail_server role. --- diff --git a/docs/releasenotes.rst b/docs/releasenotes.rst index 25630dbb8ba115018d887d50e06cd0717d952372..ca2df54c9ae2cbd806e90c112fc4ba95ffa3673b 100644 --- a/docs/releasenotes.rst +++ b/docs/releasenotes.rst @@ -76,6 +76,11 @@ Upgraded to Ansible 10.4.x. Dropped support for Debian 11 requirements upgrade checks virtual environment that can happen if the initial virtual environment set-up fails. +* ``mail_server`` role + + * Fixed incorrect use of inventory name instead of FQDN and hostname + for deployed files and configuration files. + 8.0.0 ----- diff --git a/roles/mail_server/molecule/default/group_vars/parameters-mandatory.yml b/roles/mail_server/molecule/default/group_vars/parameters-mandatory.yml index fa9e885f55f17b49c9e5f3a23a269555d6fd43e1..a81bafe0ebc68a5bac31db87501e75b4e3af9494 100644 --- a/roles/mail_server/molecule/default/group_vars/parameters-mandatory.yml +++ b/roles/mail_server/molecule/default/group_vars/parameters-mandatory.yml 
@@ -6,11 +6,11 @@ mail_ldap_tls_truststore: "{{ lookup('file', 'tests/data/x509/ca/chain-full.cert mail_ldap_postfix_password: postfixpassword mail_ldap_dovecot_password: dovecotpassword -imap_tls_certificate: "{{ lookup('file', 'tests/data/x509/server/{{ inventory_hostname }}_imap.cert.pem') }}" -imap_tls_key: "{{ lookup('file', 'tests/data/x509/server/{{ inventory_hostname }}_imap.key.pem') }}" +imap_tls_certificate: "{{ lookup('file', 'tests/data/x509/server/{{ ansible_fqdn }}_imap.cert.pem') }}" +imap_tls_key: "{{ lookup('file', 'tests/data/x509/server/{{ ansible_fqdn }}_imap.key.pem') }}" -smtp_tls_certificate: "{{ lookup('file', 'tests/data/x509/server/{{ inventory_hostname }}_smtp.cert.pem') }}" -smtp_tls_key: "{{ lookup('file', 'tests/data/x509/server/{{ inventory_hostname }}_smtp.key.pem') }}" +smtp_tls_certificate: "{{ lookup('file', 'tests/data/x509/server/{{ ansible_fqdn }}_smtp.cert.pem') }}" +smtp_tls_key: "{{ lookup('file', 'tests/data/x509/server/{{ ansible_fqdn }}_smtp.key.pem') }}" # common ca_certificates: diff --git a/roles/mail_server/molecule/default/group_vars/parameters-optional.yml b/roles/mail_server/molecule/default/group_vars/parameters-optional.yml index b6e86e8276f97e1e5e24e3a96994cfe5c68bd612..e8489d673f541bf92d39fffd1ffb895d206b2d48 100644 --- a/roles/mail_server/molecule/default/group_vars/parameters-optional.yml +++ b/roles/mail_server/molecule/default/group_vars/parameters-optional.yml 
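Review bot: The four TLS lookup paths in this hunk nest `{{ ansible_fqdn }}` inside a string literal that is itself inside a `{{ ... }}` expression, which appears to resolve only because Ansible templates the lookup argument a second time. Building the path by concatenation avoids relying on that, e.g. `imap_tls_certificate: "{{ lookup('file', 'tests/data/x509/server/' ~ ansible_fqdn ~ '_imap.cert.pem') }}"`. The same pattern is repeated in the parameters-optional.yml hunk. Because the paths now depend on a gathered fact instead of the inventory name, the scenario must gather facts before these variables are evaluated; the playbook that does so is not visible in this diff.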
@@ -19,12 +19,12 @@ mail_user: virtmail mail_user_uid: 5000 mail_user_gid: 5000 imap_max_user_connections_per_ip: 2 -imap_tls_certificate: "{{ lookup('file', 'tests/data/x509/server/{{ inventory_hostname }}_imap.cert.pem') }}" -imap_tls_key: "{{ lookup('file', 'tests/data/x509/server/{{ inventory_hostname }}_imap.key.pem') }}" +imap_tls_certificate: "{{ lookup('file', 'tests/data/x509/server/{{ ansible_fqdn }}_imap.cert.pem') }}" +imap_tls_key: "{{ lookup('file', 'tests/data/x509/server/{{ ansible_fqdn }}_imap.key.pem') }}" local_mail_aliases: root: "john.doe@domain1" -smtp_tls_certificate: "{{ lookup('file', 'tests/data/x509/server/{{ inventory_hostname }}_smtp.cert.pem') }}" -smtp_tls_key: "{{ lookup('file', 'tests/data/x509/server/{{ inventory_hostname }}_smtp.key.pem') }}" +smtp_tls_certificate: "{{ lookup('file', 'tests/data/x509/server/{{ ansible_fqdn }}_smtp.cert.pem') }}" +smtp_tls_key: "{{ lookup('file', 'tests/data/x509/server/{{ ansible_fqdn }}_smtp.key.pem') }}" imap_folder_separator: "." smtp_rbl: - bl.spamcop.net diff --git a/roles/mail_server/tasks/main.yml b/roles/mail_server/tasks/main.yml index 397a9a767dd8027392e353015b6afe01dfb3425e..1040096b30f8ae88c83fad6881a0aa3ed7dc260a 100644 --- a/roles/mail_server/tasks/main.yml +++ b/roles/mail_server/tasks/main.yml @@ -171,7 +171,7 @@ - name: Configure visible mail name of the system ansible.builtin.copy: - content: "{{ inventory_hostname }}" + content: "{{ ansible_fqdn }}" dest: "/etc/mailname" owner: root group: root diff --git a/roles/mail_server/templates/main.cf.j2 b/roles/mail_server/templates/main.cf.j2 index ca4d07cb3e730101baa5f231602797f37be6c837..0091b0d39ca775ca80f1ef4f819c827c5545e61d 100644 --- a/roles/mail_server/templates/main.cf.j2 +++ b/roles/mail_server/templates/main.cf.j2 
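Review bot: Nothing checks that `ansible_fqdn` is fully qualified before the `Configure visible mail name of the system` task writes it to `/etc/mailname`. The fact is computed on the managed host, and with an incomplete hosts file or resolver setup it can come back as a short name or a localhost name. That value would then also reach `myhostname` and `mydestination` in the main.cf.j2 hunks, changing which names the server announces and accepts local mail for. A guard early in the role would fail the run instead of deploying such a name, for example an `ansible.builtin.assert` task with `that: "'.' in ansible_fqdn"`. The copy task's remaining parameters continue outside the hunk.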
@@ -6,7 +6,7 @@ # ================ # Internet hostname of this mail system. -myhostname = {{ inventory_hostname }} +myhostname = {{ ansible_fqdn }} # Under Debian, when a file name is specified, the first line of the # file be used as the SMTP server name. @@ -49,7 +49,7 @@ compatibility_level = 3.6 # ====================== # List of domains for local transport deliveries. -mydestination = {{ inventory_hostname }}, {{ inventory_hostname_short }}, localhost.localdomain, localhost +mydestination = {{ ansible_fqdn }}, {{ ansible_hostname }}, localhost.localdomain, localhost # Alias maps for local deliveries (to system accounts). alias_maps = hash:/etc/aliases @@ -111,8 +111,8 @@ smtpd_tls_cert_file = /etc/ssl/certs/{{ ansible_fqdn }}_smtp.pem smtpd_tls_key_file = /etc/ssl/private/{{ ansible_fqdn }}_smtp.key # Use custom, generated DH parameters for increased security. -smtpd_tls_dh1024_param_file = /etc/ssl/private/{{ inventory_hostname }}_smtp.dh.pem -smtpd_tls_dh512_param_file = /etc/ssl/private/{{ inventory_hostname }}_smtp.dh.pem +smtpd_tls_dh1024_param_file = /etc/ssl/private/{{ ansible_fqdn }}_smtp.dh.pem +smtpd_tls_dh512_param_file = /etc/ssl/private/{{ ansible_fqdn }}_smtp.dh.pem # Use TLS when available with Postfix SMTP client. smtp_tls_security_level = may
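Review bot: `smtpd_tls_dh512_param_file` in the last hunk configures DH parameters for export-grade ciphers, and with `compatibility_level = 3.6` shown in the second hunk's header it is probably a no-op, since as far as I know Postfix 3.6 and later ignore this setting. Dropping the line, or adding a comment such as `# Ignored by Postfix >= 3.6; kept only for older releases.`, would make that explicit. Separately, the task that generates the `_smtp.dh.pem` file is not part of this diff. It is worth confirming that it writes to the same `ansible_fqdn`-based path, since otherwise `smtpd_tls_dh1024_param_file` would point at a file that does not exist on hosts whose inventory name differs from their FQDN.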