Files @ 298c0dbe1698

Location: majic-ansible-roles/roles/mail_server/tasks/main.yml

branko
MAR-4: Updated documentation for the mail server role, adding information about rsync installation, set-up of chroot for Postfix, and the smtp_allow_relay_from option. Updated mail_server role implementation, fixing rsync command for deploying the truststore to preserve truststore permissions and adding support for specifying networks from which unauthenticated relaying should be allowed.
---

# rsync must be present on the target host: the truststore copy task in this
# file runs it through the command module.
- name: Install rsync
  apt:
    name: rsync
    state: installed

# Enables wheezy-backports, which the Dovecot package task in this file
# selects through default_release.
# NOTE(review): the repository URL is plain HTTP, so package integrity rests
# on APT verifying the signed archive metadata - confirm that the targets do
# not permit unauthenticated sources.
- name: Add backports repository
  apt_repository:
    repo: 'deb http://http.debian.net/debian wheezy-backports main'
    state: present

# Dovecot (IMAP, LDAP look-ups, Sieve, ManageSieve) is requested from
# wheezy-backports through default_release.
- name: Install Dovecot packages
  apt:
    name: "{{ item }}"
    state: installed
    default_release: wheezy-backports
  with_items:
    - dovecot-imapd
    - dovecot-ldap
    - dovecot-sieve
    - dovecot-managesieved

# Installs the MTA together with its LDAP map support. The notified handler
# is defined outside this file; presumably it removes leftover Exim
# configuration once Postfix has replaced it - verify against the handlers.
- name: Install Postfix packages
  apt:
    name: "{{ item }}"
    state: installed
  with_items:
    - postfix
    - postfix-ldap
  notify:
    - Purge Exim configuration

# swaks is a command-line SMTP test client; nothing else in this file uses
# it, so it is presumably installed for manual testing of the server.
- name: Install SWAKS
  apt:
    name: swaks
    state: installed

# The ClamAV milter is configured and started by later tasks in this file.
- name: Install milter packages
  apt:
    name: clamav-milter
    state: installed

# Ships the role's static milter configuration, root-owned and world-readable.
# The mode is a quoted octal string so that YAML does not read it as a
# decimal integer.
- name: Configure ClamAV Milter
  copy:
    src: clamav-milter.conf
    dest: /etc/clamav/clamav-milter.conf
    owner: root
    group: root
    mode: "0644"
  notify:
    - Restart ClamAV Milter

# Creates the var/ and var/run/ levels inside the Postfix chroot as
# root-owned directories that other users can traverse but not write to.
- name: Set-up privileges for directories within Postfix chroot
  file:
    dest: "{{ item }}"
    state: directory
    owner: root
    group: root
    mode: "0755"
  with_items:
    - /var/spool/postfix/var
    - /var/spool/postfix/var/run

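# Renamed: this task previously shared its name with the preceding task,
# which made run output and --start-at-task ambiguous.
# Only this one directory inside the chroot is handed to the clamav account;
# presumably the milter creates its socket here so that chrooted Postfix can
# reach it - confirm against clamav-milter.conf and main.cf.
- name: Set-up privileges for ClamAV directory within Postfix chroot
  file:
    dest: "{{ item }}"
    state: directory
    owner: clamav
    group: clamav
    mode: "0755"
  with_items:
    - /var/spool/postfix/var/run/clamav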

# Mirrors the LDAP TLS truststore to the same path underneath the Postfix
# chroot (/var/spool/postfix).
# rsync flags: -p keeps the source file's permissions on the copy, -c decides
# whether to transfer by checksum, -i prints one line per item that changed.
# Because of -i, stdout is empty when nothing was updated, which is what
# changed_when tests to keep the task idempotent in reports.
# NOTE(review): the copy inherits whatever permissions the source truststore
# has, and no task in this file creates the destination's parent directory
# inside the chroot - confirm both on the target hosts.
- name: Copy the LDAP TLS truststore into Postfix chroot
  command: rsync -pci "{{ mail_ldap_tls_truststore }}" "/var/spool/postfix/{{ mail_ldap_tls_truststore}}"
  register: rsync_result
  changed_when: "rsync_result.stdout != ''"

# Renders one LDAP map definition per item. The files are root-owned,
# readable by the postfix group and closed to everyone else.
# NOTE(review): presumably these templates carry LDAP bind credentials, which
# is why they are not world-readable - verify against the templates.
- name: Deploy Postfix configurations files for LDAP look-ups
  template:
    src: "{{ item }}.cf.j2"
    dest: "/etc/postfix/{{ item }}.cf"
    owner: root
    group: postfix
    mode: "0640"
  with_items:
    - ldap-virtual-alias-maps
    - ldap-virtual-mailbox-domains
    - ldap-virtual-mailbox-maps
  notify:
    - Restart Postfix

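# Renders main.cf from the role template.
# Owner, group and mode are now set explicitly, as the other template tasks
# in this file already do. Without them the permissions of a newly created
# file depend on the remote umask, and an existing file keeps whatever
# ownership it already had.
- name: Deploy Postfix main configuration
  template:
    src: main.cf.j2
    dest: /etc/postfix/main.cf
    owner: root
    group: root
    mode: "0644"
  notify:
    - Restart Postfix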

# Dedicated group for the mail owner account, with a fixed GID taken from
# the role variables.
- name: Create mail owner group
  group:
    name: "{{ mail_user }}"
    gid: "{{ mail_user_gid }}"
    state: present

# Dedicated account with a fixed UID; the Dovecot delivery entry written to
# master.cf by a later task runs under this user and group.
# NOTE(review): no shell is given, so the account receives the system default
# login shell - confirm whether a non-login shell is wanted for it.
- name: Create mail owner user
  user:
    name: "{{ mail_user }}"
    uid: "{{ mail_user_uid }}"
    group: "{{ mail_user }}"
    home: "/var/{{ mail_user }}"
    state: present

# Removes the include of auth-system.conf.ext from 10-auth.conf, so Dovecot no
# longer loads that authentication configuration.
# The value is single-quoted because a leading "!" would otherwise be parsed
# as a YAML tag.
- name: Disable Dovecot system authentication
  lineinfile:
    dest: /etc/dovecot/conf.d/10-auth.conf
    line: '!include auth-system.conf.ext'
    state: absent
  notify:
    - Restart Dovecot

# Local overrides are rendered into conf.d/99-local.conf, root-owned and
# world-readable.
# NOTE(review): the 99- prefix presumably makes this file load last in conf.d
# so that it wins over the packaged defaults - confirm.
- name: Deploy Dovecot configuration file with overrides
  template:
    src: 99-local.conf.j2
    dest: /etc/dovecot/conf.d/99-local.conf
    owner: root
    group: root
    mode: "0644"
  notify:
    - Restart Dovecot

# Dovecot's LDAP settings are readable by root only (0600).
# NOTE(review): presumably the template holds the LDAP bind password, which
# would explain the strict mode - verify against the template.
- name: Deploy Dovecot configuration file for LDAP look-ups
  template:
    src: dovecot-ldap.conf.ext.j2
    dest: /etc/dovecot/dovecot-ldap.conf.ext
    owner: root
    group: root
    mode: "0600"
  notify:
    - Restart Dovecot

# Ensures master.cf contains a "dovecot" pipe transport that hands each
# message to dovecot-lda.
# In the entry, the unpriv and chroot columns are both "n", and user= makes
# the delivery agent run as the mail owner user and group, not as root.
# Pipe flags: D adds Delivered-To, R adds Return-Path, h and u lowercase the
# recipient's domain and local part.
# NOTE(review): regexp="dovecot" is unanchored, so lineinfile replaces the
# last line in master.cf that contains "dovecot" anywhere, including in a
# comment - consider anchoring it to the start of the service entry.
- name: Configure Postfix for Dovecot delivery
  lineinfile: dest=/etc/postfix/master.cf state=present
              regexp="dovecot"
              line="dovecot   unix  -       n       n       -       -       pipe    flags=DRhu user={{ mail_user }}:{{ mail_user }} argv=/usr/lib/dovecot/dovecot-lda -f ${sender} -d ${recipient}"
  notify:
    - Restart Postfix

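# The tasks are named "Enable ..." but previously only started the services.
# enabled is now set as well, matching the Postfix and Dovecot service tasks
# in this file, so that scanning comes back after a reboot without relying
# on the packages' defaults.
- name: Enable ClamAV service
  service:
    name: "{{ item }}"
    enabled: true
    state: started
  with_items:
    - clamav-daemon
    - clamav-freshclam

# The milter is the component Postfix talks to, so it has to be up whenever
# Postfix is.
- name: Enable ClamAV milter service.
  service:
    name: clamav-milter
    enabled: true
    state: started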

# Postfix is started now and enabled for start at boot.
- name: Enable Postfix service
  service:
    name: postfix
    enabled: true
    state: started

# Dovecot is started now and enabled for start at boot.
- name: Enable Dovecot service
  service:
    name: dovecot
    enabled: true
    state: started