---
# Install the Postfix package.
- yum:
    name: "{{ item }}"
    state: installed
  with_items:
    - postfix

# Feature flags derived from the variables the inventory supplies.
# NOTE(review): each flag is only set when its condition holds; the later
# `when: use_sasl` / `use_tls` / `use_local` tests presumably rely on
# defaults declared elsewhere in the role (confirm).
# set_fact is kept in key=value form so the stored value type is unchanged.

# SASL is enabled only when both credentials are defined.
- set_fact: use_sasl=True
  when: sasl_user is defined and sasl_pass is defined

# TLS is enabled whenever SASL is.
- set_fact: use_tls=True
  when: use_sasl == True

# Local delivery is enabled when local_users is defined.
- set_fact: use_local=True
  when: local_users is defined

# Start Postfix now and enable it at boot.
- service:
    name: postfix
    state: started
    enabled: true
# Render the main Postfix configuration; the handler restarts the daemon.
- template:
    src: main.cf
    dest: /etc/postfix/main.cf
  notify: restart postfix

# Install the system alias file; the handler rebuilds the alias database.
- copy:
    src: aliases
    dest: /etc/aliases
  notify: rebuild aliases

# Render the two Postfix alias tables (aliases.users and aliases.local).
- template:
    src: "aliases.{{ item }}"
    dest: "/etc/postfix/aliases.{{ item }}"
  notify: update postfix aliases
  with_items:
    - users
    - local
# Open the SMTP service in the host firewall.
# CentOS/RHEL 6 path: lokkit.
- shell: lokkit -s {{ item }}
  with_items:
    - smtp
  when: >-
    ansible_distribution_major_version == '6' and
    (ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat')

# firewalld path: Fedora, or any distribution whose major version is 7.
# NOTE(review): the version test is not tied to a distribution name, so it
# matches every distribution reporting major version 7. Confirm this is
# intended.
- firewalld:
    service: "{{ item }}"
    permanent: true
    state: enabled
  with_items:
    - smtp
  when: >-
    ansible_distribution == 'Fedora' or
    ansible_distribution_major_version == '7'
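# Generate a self-signed certificate and an unencrypted (-nodes) private key.
# `creates` skips the task once the certificate file exists.
# umask 077 makes openssl create the key without group/world access, so
# there is no window in which another local account can read it.
# The two path variables go through the `quote` filter because they are
# interpolated into a shell command line.
- shell: >-
    umask 077 &&
    openssl req -x509 -newkey rsa:2048
    -keyout {{ postfix_key | quote }}
    -out {{ postfix_cert | quote }}
    -days 3650 -nodes
    -subj '/C=US/ST=North Carolina/L=Raleigh/O=Red Hat Inc./OU=OSAS/CN={{ ansible_domain }}/emailAddress=postmaster@{{ ansible_domain }}'
  args:
    creates: "{{ postfix_cert }}"
  when: use_tls

# Pin the private key to root-only access on every run. This also repairs a
# key that an earlier run created under a permissive umask.
# NOTE(review): assumes Postfix opens the key as root before dropping
# privileges (confirm for this deployment).
- file:
    path: "{{ postfix_key }}"
    owner: root
    group: root
    mode: "0600"
  when: use_tls

# The certificate is public material; restore world-readable access, since
# the umask above would otherwise leave it at 0600.
- file:
    path: "{{ postfix_cert }}"
    mode: "0644"
  when: use_tls

# TODO set the SELinux context on the key and certificate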
# Ensure the mail group exists and record it; its gid is used below.
- group:
    name: mail
  register: mail_group

# Ensure the nobody user exists and record it; its uid is used below.
- user:
    name: nobody
  register: nobody_user
  when: use_local

# Create /var/mail/discourse and its cur, tmp and new subdirectories,
# owned by nobody:mail.
# NOTE(review): no mode is given, so directory permissions are whatever the
# module and umask produce. Confirm that is tight enough for stored mail.
- file:
    state: directory
    path: "/var/mail/discourse{{ item }}"
    owner: "{{ nobody_user.uid }}"
    group: "{{ mail_group.gid }}"
  with_items:
    - /
    - /cur
    - /tmp
    - /new
  when: use_local

# Render the local recipient table; the handler rebuilds the Postfix maps.
- template:
    src: "{{ item }}"
    dest: "/etc/postfix/{{ item }}"
  notify: update postfix maps
  with_items:
    - local_recipient
  when: use_local
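# Install the SASL configuration for smtpd.
- copy:
    src: smtpd.sasl.conf
    dest: /etc/sasl2/smtpd.conf
  when: use_sasl
  # TODO check if needed
  notify: restart saslauthd

# Create the SASL account in sasldb; `-p` makes saslpasswd2 read the
# password from stdin.
# - Every interpolated value goes through the `quote` filter, so a password
#   or user name containing shell metacharacters is passed as data instead
#   of being interpreted by the shell.
# - printf replaces echo so a password that starts with '-' or contains
#   backslashes is not altered by the shell's echo.
# - no_log keeps the rendered command, which contains the password, out of
#   Ansible output and the module's logging on the target.
# NOTE(review): the password is still part of the `sh -c` argument string
# while the task runs. On Ansible 2.4+ the shell module's `stdin` parameter
# avoids that.
- shell: >-
    printf '%s\n' {{ sasl_pass | quote }} |
    saslpasswd2 -a smtpd -u {{ ansible_domain | quote }}
    -c {{ sasl_user | quote }} -p
  when: use_sasl
  no_log: true

# Restrict the SASL database to root and the mail group.
# The mode is quoted so YAML cannot read it as a number.
- file:
    path: /etc/sasldb2
    owner: root
    group: mail
    mode: "0640"
  when: use_sasl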