diff --git a/roles/mail_forwarder/tasks/main.yml b/roles/mail_forwarder/tasks/main.yml index 247d66de50f442c34cb50c018feeeb7aa0c0569e..a58530e2e04815b1969d5c5b0190ef55602b1b37 100644 --- a/roles/mail_forwarder/tasks/main.yml +++ b/roles/mail_forwarder/tasks/main.yml @@ -1,23 +1,23 @@ --- - name: Install Postfix - apt: + ansible.builtin.apt: name: postfix state: present - name: Install procmail - apt: + ansible.builtin.apt: name: procmail state: present - name: Purge Exim configuration - apt: + ansible.builtin.apt: name: "exim4*" state: absent purge: true - name: Deploy the SMTP relay TLS truststore - copy: + ansible.builtin.copy: content: "{{ smtp_relay_truststore }}" dest: "/etc/ssl/certs/smtp_relay_truststore.pem" owner: root @@ -25,7 +25,7 @@ mode: "0644" - name: Generate the SMTP server Diffie-Hellman parameter - openssl_dhparam: + community.crypto.openssl_dhparam: owner: root group: root mode: "0640" @@ -35,7 +35,7 @@ - Restart Postfix - name: Configure visible mail name of the system - copy: + ansible.builtin.copy: content: "{{ inventory_hostname }}" dest: "/etc/mailname" owner: root @@ -45,7 +45,7 @@ - Restart Postfix - name: Deploy Postfix main configuration - template: + ansible.builtin.template: src: "main.cf.j2" dest: "/etc/postfix/main.cf" owner: root @@ -55,7 +55,7 @@ - Restart Postfix - name: Set-up local mail aliases - lineinfile: + ansible.builtin.lineinfile: dest: "/etc/aliases" line: "{{ item.key }}: {{ item.value }}" regexp: "^{{ item.key }}" @@ -65,13 +65,13 @@ - Rebuild mail aliases - name: Enable and start postfix service - service: + ansible.builtin.service: name: postfix state: started enabled: true - name: Retrieve IPv4 addresses of SMTP relay host - shell: "getent ahostsv4 '{{ smtp_relay_host }}' | awk '{ print $1 }' | sort -u" # noqa risky-shell-pipe + ansible.builtin.shell: "getent ahostsv4 '{{ smtp_relay_host }}' | awk '{ print $1 }' | sort -u" # noqa risky-shell-pipe # [risky-shell-pipe] Shells that use pipes should set the pipefail option # The getent ahostsv4 command has non-zero exit code if the # supplies name cannot be resolved. However, that is a valid @@ -82,7 +82,7 @@ register: smtp_relay_host_ipv4 - name: Retrieve IPv6 addresses of SMTP relay host - shell: "getent ahostsv6 '{{ smtp_relay_host }}' | awk '{ print $1 }' | grep -v '^::ffff:' | sort -u" # noqa risky-shell-pipe + ansible.builtin.shell: "getent ahostsv6 '{{ smtp_relay_host }}' | awk '{ print $1 }' | grep -v '^::ffff:' | sort -u" # noqa risky-shell-pipe # [risky-shell-pipe] Shells that use pipes should set the pipefail option # The getent ahostsv6 command has non-zero exit code if the # supplies name cannot be resolved. However, that is a valid @@ -93,17 +93,17 @@ register: smtp_relay_host_ipv6 - name: Normalise the SMTP relay host IPv4 addresses variable - set_fact: + ansible.builtin.set_fact: smtp_relay_host_ipv4: "{{ smtp_relay_host_ipv4.stdout_lines | reject('equalto', '') | list }}" when: "smtp_relay_host | length != 0" - name: Normalise the SMTP relay host IPv6 addresses variable - set_fact: + ansible.builtin.set_fact: smtp_relay_host_ipv6: "{{ smtp_relay_host_ipv6.stdout_lines | reject('equalto', '') | list }}" when: "smtp_relay_host | length != 0" - name: Deploy firewall configuration for mail forwader - template: + ansible.builtin.template: src: "ferm_mail.conf.j2" dest: "/etc/ferm/conf.d/20-mail.conf" owner: root @@ -113,12 +113,12 @@ - Restart ferm - name: Install SWAKS - apt: + ansible.builtin.apt: name: swaks state: present - name: Explicitly run all handlers - include_tasks: ../handlers/main.yml + ansible.builtin.include_tasks: ../handlers/main.yml when: "run_handlers | default(False) | bool()" tags: - handlers