--- - hosts: all tasks: - name: Update all caches to avoid errors due to missing remote archives apt: update_cache: yes changed_when: False - hosts: all tasks: - name: Set-up /etc/hosts entries lineinfile: dest: /etc/hosts line: "{{ item.key }} {{ item.value }}" with_dict: 10.31.127.10: "mail-server domain1" 10.31.127.20: "client1" 10.31.127.30: "parameters-mandatory" 10.31.127.31: "parameters-optional" 10.31.127.32: "parameters-no-incoming" - hosts: client1 tasks: - name: Install SWAKS for testing SMTP capability apt: name: swaks state: installed - name: Install tool for testing TCP connectivity apt: name: hping3 state: installed - name: Deploy CA certificate copy: src: tests/data/x509/ca.cert.pem dest: /usr/local/share/ca-certificates/testca.crt owner: root group: root mode: 0644 notify: - Update CA certificate cache handlers: - name: Update CA certificate cache command: /usr/sbin/update-ca-certificates --fresh - hosts: mail-server tasks: - name: Deploy CA certificate copy: src: tests/data/x509/ca.cert.pem dest: /usr/local/share/ca-certificates/testca.crt owner: root group: root mode: 0644 notify: - Update CA certificate cache - name: Deploy SMTP private key and certificate copy: src: "tests/data/x509/{{ item }}" dest: "/etc/ssl/{{ item }}" owner: root group: root mode: 0600 with_items: - mail-server_smtp.cert.pem - mail-server_smtp.key.pem - name: Install Postfix apt: name="postfix" state=installed - name: Purge Exim configuration apt: name="exim4*" state=absent purge=yes - name: Deploy Postfix configuration copy: src: tests/data/main.cf dest: /etc/postfix/main.cf owner: root group: root mode: 0644 notify: - Restart Postfix - name: Install tool for testing TCP connectivity apt: name: hping3 state: installed - name: Install SWAKS for testing SMTP capability apt: name: swaks state: installed - name: Set-up port forwarding command: "iptables -t nat -A PREROUTING -p tcp -m tcp --dport 27 -j REDIRECT --to-ports 25" changed_when: False handlers: - name: Update CA certificate cache command: /usr/sbin/update-ca-certificates --fresh - name: Restart Postfix service: name: postfix state: restarted - hosts: parameters-mandatory roles: - role: mail_forwarder # Global common parameters. tls_certificate_dir: tests/data/x509/ - hosts: parameters-optional roles: - role: mail_forwarder local_mail_aliases: root: "root testuser" smtp_from_relay_allowed: True smtp_relay_host: mail-server smtp_relay_host_port: 27 smtp_relay_truststore: "{{ lookup('file', 'tests/data/x509/ca.cert.pem') }}" # common ca_certificates: testca: "{{ lookup('file', 'tests/data/x509/ca.cert.pem') }}" - hosts: parameters-no-incoming roles: - role: mail_forwarder smtp_relay_host: mail-server smtp_from_relay_allowed: False smtp_relay_truststore: "{{ lookup('file', 'tests/data/x509/ca.cert.pem') }}" # common ca_certificates: testca: "{{ lookup('file', 'tests/data/x509/ca.cert.pem') }}" - hosts: parameters-optional tasks: - name: Create additional group for testing local aliases group: name: testuser - name: Create additional user for testing local aliases user: name: testuser group: testuser