From 28dc008fc7400e8fb029ed8cd0d5c55e4c9e77ae Mon Sep 17 00:00:00 2001
From: "Antonio J. Delgado"
Date: Tue, 11 Oct 2022 10:18:52 +0300
Subject: [PATCH] Initial commit with previous code
---
defaults/main.yml | 25 +++++++++++++++++++++++++
handlers/main.yml | 11 +++++++++++
tasks/configure.yml | 28 ++++++++++++++++++++++++++++
tasks/install.yml | 5 +++++
tasks/main.yml | 5 +++++
5 files changed, 74 insertions(+)
create mode 100644 defaults/main.yml
create mode 100644 handlers/main.yml
create mode 100644 tasks/configure.yml
create mode 100644 tasks/install.yml
create mode 100644 tasks/main.yml
diff --git a/defaults/main.yml b/defaults/main.yml
new file mode 100644
index 0000000..3583dce
--- /dev/null
+++ b/defaults/main.yml
@@ -0,0 +1,25 @@
+---
+primary_mail_server: mail.example.org
+primary_mail_server_port: 587
+mail_domains:
+ - example.org
+ - example.com
+mail_aliases:
+ - local_name: postmaster
+ mail: mailadmin@example.org
+mail_trusted_networks:
+ - 127.0.0.0/8
+ - 192.168.1.0/24
+mail_user: backup_mx
+mail_user_password: "{{ vault_backup_mx_user_password }}"
+# Keep this bare minimun to keep the backup MX functionality
+postfix_config:
+ mydestination: 'localhost; localhost.localdomain'
+ myhostname: "{{ ansible_hostname }}"
+ mynetworks: "{{ mail_trusted_networks | join(' ') }}"
+ smtpd_recipient_restrictions: 'permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination'
+ relayhost: "{{ primary_mail_server }}"
+ relay_domains: "$mydestination {{ mail_domains |join(' ') }}"
+ relay_recipient_maps: ''
+ virtual_alias_domains: ''
+ virtual_mailbox_domains: ''
diff --git a/handlers/main.yml b/handlers/main.yml
new file mode 100644
index 0000000..b3e16b1
--- /dev/null
+++ b/handlers/main.yml
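Review bot: In defaults/main.yml, `postfix_config` never turns on the client-side authentication that the rest of the role prepares: it has no `smtp_sasl_auth_enable`, `smtp_sasl_password_maps` or `smtp_tls_security_level` key, and `relayhost` is the bare host name, so `primary_mail_server_port` (587) is unused and Postfix would do an MX lookup and deliver on port 25. Unless main.cf is completed elsewhere, the relay should use the bracketed host with the port, reference the password map and require TLS, so the stored password is only ever sent over an encrypted session; the lookup key written in tasks/configure.yml (`{{ primary_mail_server }}::{{ primary_mail_server_port }}`) then has to be the same string as `relayhost`. Separately, `mydestination` separates its entries with `;` where Postfix expects commas or whitespace. An empty `relay_recipient_maps` makes the backup MX accept mail for any recipient in the relayed domains, which produces backscatter when the primary later rejects it.

```yaml
postfix_config:
  # … unchanged: mydestination, myhostname, mynetworks, smtpd_recipient_restrictions …
  relayhost: "[{{ primary_mail_server }}]:{{ primary_mail_server_port }}"
  smtp_sasl_auth_enable: 'yes'
  # map type (hash, lmdb, …) depends on the Postfix build on the target
  smtp_sasl_password_maps: 'hash:/etc/postfix/smtp_passwords'
  smtp_sasl_security_options: 'noanonymous'
  smtp_tls_security_level: 'encrypt'
  # … unchanged: relay_domains, relay_recipient_maps, virtual_alias_domains, virtual_mailbox_domains …
```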
@@ -0,0 +1,11 @@
+---
+- name: Refresh aliases
+ shell: newaliases
+- name: Reload postfix
+ service:
+ name: postfix
+ state: restarted
+- name: Reload Systemd daemon
+ shell: systemctl daemon-reload
+- name: Update passwords
+ shell: /usr/sbin/postmap /etc/postfix/smtp_passwords
\ No newline at end of file
diff --git a/tasks/configure.yml b/tasks/configure.yml
new file mode 100644
index 0000000..0cf0c2e
--- /dev/null
+++ b/tasks/configure.yml
@@ -0,0 +1,28 @@
+---
+- name: Ensure aliases are present
+ lineinfile:
+ path: '/etc/aliases'
+ regexp: "^{{ item.local_name }}: "
+ line: "{{ item.local_name }}: {{ item.mail }}"
+ create: yes
+ backup: yes
+ loop: "{{ mail_aliases }}"
+ notify: Refresh aliases
+
+- name: Ensure mail passwords is configured
+ lineinfile:
+ path: /etc/postfix/smtp_passwords
+ regexp: "^{{ primary_mail_server }}::{{ primary_mail_server_port }} "
+ line: "{{ primary_mail_server }}::{{ primary_mail_server_port }} {{ mail_user }}@{{ mail_domains[0] }}:{{ mail_user_password }}"
+ create: yes
+ backup: yes
+ notify: Update passwords
+
+- name: Ensure postfix is configured
+ lineinfile:
+ path: /etc/postfix/main.cf
+ regexp: "^{{ item.key }}"
+ line: '{{ item.key }} = {{ item.value }}'
+ backup: yes
+ loop: "{{ postfix_config | dict2items }}"
+ notify: Reload postfix
diff --git a/tasks/install.yml b/tasks/install.yml
new file mode 100644
index 0000000..af6355a
--- /dev/null
+++ b/tasks/install.yml
@@ -0,0 +1,5 @@
+---
+- name: Ensure software is installed
+ package:
+ name:
+ - postfix
diff --git a/tasks/main.yml b/tasks/main.yml
new file mode 100644
index 0000000..30a7806
--- /dev/null
+++ b/tasks/main.yml
@@ -0,0 +1,5 @@
+---
+- name: Ensure installation of backup mail services
+ include_tasks: install.yml
+- name: Ensure configuration of backup mail services
+ include_tasks: configure.yml
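Review bot: In handlers/main.yml, the three command handlers go through `shell:` although `newaliases`, `systemctl daemon-reload` and `/usr/sbin/postmap /etc/postfix/smtp_passwords` use no shell features. `command:` (or `systemd:` with `daemon_reload: true` for the second) avoids the extra shell and stays safe if a variable is ever templated into one of these lines. The handler named "Reload postfix" uses `state: restarted`; either rename it or use `state: reloaded`, which should be enough for the main.cf keys this role sets. The file also ends without a trailing newline.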
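Review bot: In tasks/configure.yml, "Ensure mail passwords is configured" creates /etc/postfix/smtp_passwords with `create: yes` but sets no `owner`, `group` or `mode`, so the file holding `mail_user_password` in clear text gets default permissions, which are typically world-readable. `backup: yes` additionally leaves timestamped copies containing the previous secret, and without `no_log: true` the rendered line can appear in Ansible output. Root ownership, mode 0600, no backup for this one file and `no_log` address all three. In "Ensure postfix is configured", `regexp: "^{{ item.key }}"` is only a prefix match, so `mynetworks` would also hit a `mynetworks_style` line; `"^{{ item.key | regex_escape }}\\s*="` pins it to the exact parameter.

```yaml
- name: Ensure mail passwords is configured
  lineinfile:
    # … unchanged: path, regexp, line, create …
    owner: root
    group: root
    mode: '0600'
    backup: false
  no_log: true
  # … unchanged: notify …
```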
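Review bot: In tasks/install.yml, the `package:` task gives no `state`, so it relies on whatever the backing package module defaults to; the generic `package` module documents `state` as a required argument. Adding `state: present` under `package:` makes the intent explicit. If the relay is meant to authenticate with SASL, the SASL client libraries that Postfix needs on the target distribution may have to be added to this list as well; that depends on the platform and is not visible from this hunk.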