Configure mail

Wojciech Kozlowski 2022-08-27 22:07:17 +02:00
parent 1fa53010f4
commit 33bb6df38d
7 changed files with 106 additions and 7 deletions


@ -10,6 +10,70 @@
# E-mail configuration.
# ----------------------------------------------------------------------------------------------
- name: Configure mailname
template:
src: ./root/etc/mailname.j2
dest: /etc/mailname
mode: 0644
register: mail_mailname
- name: Configure aliases
template:
src: ./root/etc/aliases.j2
dest: /etc/aliases
mode: 0644
register: mail_aliases
- name: Update aliases
command: newaliases
when: mail_aliases is changed
- name: Configure mailutils
template:
src: ./root/etc/mailutils.conf.j2
dest: /etc/mailutils.conf
mode: 0644
- name: Install postfix
apt:
name:
- postfix
- ca-certificates
- libsasl2-modules
register: mail_postfix_install
- name: Configure postfix
template:
src: ./root/etc/postfix/main.cf.j2
dest: /etc/postfix/main.cf
mode: 0644
register: mail_postfix_cfg
- name: Configure credentials
template:
src: ./root/etc/postfix/sasl_passwd.j2
dest: /etc/postfix/sasl_passwd
mode: 0600
register: mail_postfix_credentials
- name: Create hash database
command: postmap /etc/postfix/sasl_passwd
when:
mail_postfix_credentials is changed
- name: Set hash database permissions
file:
path: /etc/postfix/sasl_passwd.db
mode: 0600
- name: Enable/restart postfix
service:
name: postfix
state: restarted
enabled: yes
when:
mail_mailname is changed or
mail_aliases is changed or
mail_postfix_install is changed or
mail_postfix_cfg is changed or
mail_postfix_credentials is changed
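Review bot: The "Configure credentials" task renders `postfix_smtp_pass` into /etc/postfix/sasl_passwd without `no_log: true`, so a run with `--diff` can print the SMTP password to the console and to any captured CI or callback logs. Adding `no_log: true` to that task keeps the rendered content out of the output. "Set hash database permissions" runs unconditionally while "Create hash database" runs only when the credentials file changed, so it looks like the `file` task would fail on a host where sasl_passwd.db is missing; running postmap when the file changed or the database is absent would cover that. The file modes are unquoted octal literals; quoting them, e.g. `mode: "0600"`, avoids depending on the YAML parser's octal handling.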

14
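--- a/root/etc/aliases.j2
+++ b/root/etc/aliases.j2
@@ -0,0 +1,14 @@
+# /etc/aliases
+mailer-daemon: postmaster
+postmaster: root
+nobody: root
+hostmaster: root
+usenet: root
+news: root
+webmaster: root
+www: root
+ftp: root
+abuse: root
+noc: root
+security: root
+root: root.yggdrasil@{{ domain }}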
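Review bot: The `root:` alias still hard-codes the machine name in `root.yggdrasil@{{ domain }}`, while main.cf.j2 in this same commit replaces the literal `yggdrasil` with `{{ hostname }}`. If the mailbox is meant to follow the host, `root: root.{{ hostname }}@{{ domain }}` would keep the two templates consistent; if it is a fixed external mailbox, a one-line comment saying so would help. Every system alias here, including `security` and `abuse`, resolves to that one address, so a wrong value would misroute all local notifications.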

1
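--- a/root/etc/mailname.j2
+++ b/root/etc/mailname.j2
@@ -0,0 +1 @@
+{{ domain }}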


@ -0,0 +1,3 @@
address {
email-domain {{ domain }};
};


@ -4,9 +4,9 @@
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_banner = $myhostname ESMTP
biff = no
# appending .domain is the MUA's job.
@ -29,18 +29,24 @@ smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_security_level=may
smtp_tls_CApath=/etc/ssl/certs
smtp_tls_security_level=may
smtp_tls_security_level=encrypt
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_tls_wrappermode = yes
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = yggdrasil
myhostname = {{ hostname }}.{{ domain }}
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = $myhostname, yggdrasil, localhost.localdomain, , localhost
relayhost =
mydestination = $myhostname, {{ hostname }}, localhost
relayhost = [{{ postfix_smtp_server }}]:{{ postfix_smtp_port }}
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_interfaces = loopback-only
inet_protocols = all
# SASL parameters
smtp_sasl_auth_enable = yes
smtp_sasl_security_options = noanonymous
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
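Review bot: `smtp_tls_security_level=encrypt` forces TLS to the relay but does not validate the server certificate, so the SASL credentials from sasl_passwd could be handed to any host that answers on the relay's address. Since `smtp_tls_CApath=/etc/ssl/certs` is already set and the task list installs ca-certificates, `smtp_tls_security_level=verify` (or `secure`) would authenticate `[{{ postfix_smtp_server }}]` before login, assuming the provider presents a certificate valid for that name. Both hunks show only part of main.cf.j2, so a later override of this setting would not be visible here.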


@ -0,0 +1 @@
[{{ postfix_smtp_server }}]:{{ postfix_smtp_port }} {{ postfix_smtp_user }}:{{ postfix_smtp_pass }}


@ -1,3 +1,13 @@
# Ansible variables
ansible_port:
ansible_become_password:
# Machine variables
hostname:
domain:
# Postfix variables
postfix_smtp_server:
postfix_smtp_port:
postfix_smtp_user:
postfix_smtp_pass:
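Review bot: `ansible_become_password` and `postfix_smtp_pass` are secrets, and nothing in this file says where their real values should live. If this is a tracked placeholder file, a comment above them such as `# Secrets: supply via ansible-vault or an untracked copy; never commit real values` would make that explicit. The bare `key:` entries parse as null, so it may be worth checking that a forgotten value stops the play instead of rendering an empty field into sasl_passwd or main.cf.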