---

- name: Install Postfix
  apt:
    name: postfix
    state: present

- name: Install procmail
  apt:
    name: procmail
    state: present

- name: Purge Exim configuration
  apt:
    name: "exim4*"
    state: absent
    purge: true

- name: Deploy the SMTP relay TLS truststore
  copy:
    content: "{{ smtp_relay_truststore }}"
    dest: "/etc/ssl/certs/smtp_relay_truststore.pem"
    owner: root
    group: root
    mode: 0644

- name: Generate the SMTP server Diffie-Hellman parameter
  openssl_dhparam:
    owner: root
    group: root
    mode: 0640
    path: "/etc/ssl/private/{{ ansible_fqdn }}_smtp.dh.pem"
    size: 2048
  notify:
    - Restart Postfix

- name: Configure visible mail name of the system
  copy:
    content: "{{ inventory_hostname }}"
    dest: "/etc/mailname"
    owner: root
    group: root
    mode: 0644
  notify:
    - Restart Postfix

- name: Deploy Postfix main configuration
  template:
    src: "main.cf.j2"
    dest: "/etc/postfix/main.cf"
    owner: root
    group: root
    mode: 0644
  notify:
    - Restart Postfix

- name: Set-up local mail aliases
  lineinfile:
    dest: "/etc/aliases"
    line: "{{ item.key }}: {{ item.value }}"
    regexp: "^{{ item.key }}"
    state: present
  with_dict: "{{ local_mail_aliases }}"
  notify:
    - Rebuild mail aliases

- name: Enable and start postfix service
  service:
    name: postfix
    state: started
    enabled: true

- name: Deploy firewall configuration for mail forwader
  template:
    src: "ferm_mail.conf.j2"
    dest: "/etc/ferm/conf.d/20-mail.conf"
    owner: root
    group: root
    mode: 0640
  notify:
    - Restart ferm

- name: Install SWAKS
  apt:
    name: swaks
    state: present

- name: Explicitly run all handlers
  include: ../handlers/main.yml
  when: "run_handlers | default(False) | bool()"
  tags:
    - handlers