Configure mail
This commit is contained in:
parent
1fa53010f4
commit
33bb6df38d
64
machine.yml
64
machine.yml
@ -10,6 +10,70 @@
|
|||||||
# E-mail configuration.
|
# E-mail configuration.
|
||||||
# ----------------------------------------------------------------------------------------------
|
# ----------------------------------------------------------------------------------------------
|
||||||
|
|
||||||
|
- name: Configure mailname
|
||||||
|
template:
|
||||||
|
src: ./root/etc/mailname.j2
|
||||||
|
dest: /etc/mailname
|
||||||
|
mode: 0644
|
||||||
|
register: mail_mailname
|
||||||
|
|
||||||
|
- name: Configure aliases
|
||||||
|
template:
|
||||||
|
src: ./root/etc/aliases.j2
|
||||||
|
dest: /etc/aliases
|
||||||
|
mode: 0644
|
||||||
|
register: mail_aliases
|
||||||
|
|
||||||
|
- name: Update aliases
|
||||||
|
command: newaliases
|
||||||
|
when: mail_aliases is changed
|
||||||
|
|
||||||
|
- name: Configure mailutils
|
||||||
|
template:
|
||||||
|
src: ./root/etc/mailutils.conf.j2
|
||||||
|
dest: /etc/mailutils.conf
|
||||||
|
mode: 0644
|
||||||
|
|
||||||
- name: Install postfix
|
- name: Install postfix
|
||||||
apt:
|
apt:
|
||||||
|
name:
|
||||||
|
- postfix
|
||||||
|
- ca-certificates
|
||||||
|
- libsasl2-modules
|
||||||
|
register: mail_postfix_install
|
||||||
|
|
||||||
|
- name: Configure postfix
|
||||||
|
template:
|
||||||
|
src: ./root/etc/postfix/main.cf.j2
|
||||||
|
dest: /etc/postfix/main.cf
|
||||||
|
mode: 0644
|
||||||
|
register: mail_postfix_cfg
|
||||||
|
|
||||||
|
- name: Configure credentials
|
||||||
|
template:
|
||||||
|
src: ./root/etc/postfix/sasl_passwd.j2
|
||||||
|
dest: /etc/postfix/sasl_passwd
|
||||||
|
mode: 0600
|
||||||
|
register: mail_postfix_credentials
|
||||||
|
|
||||||
|
- name: Create hash database
|
||||||
|
command: postmap /etc/postfix/sasl_passwd
|
||||||
|
when:
|
||||||
|
mail_postfix_credentials is changed
|
||||||
|
|
||||||
|
- name: Set hash database permissions
|
||||||
|
file:
|
||||||
|
path: /etc/postfix/sasl_passwd.db
|
||||||
|
mode: 0600
|
||||||
|
|
||||||
|
- name: Enable/restart postfix
|
||||||
|
service:
|
||||||
name: postfix
|
name: postfix
|
||||||
|
state: restarted
|
||||||
|
enabled: yes
|
||||||
|
when:
|
||||||
|
mail_mailname is changed or
|
||||||
|
mail_aliases is changed or
|
||||||
|
mail_postfix_install is changed or
|
||||||
|
mail_postfix_cfg is changed or
|
||||||
|
mail_postfix_credentials is changed
|
||||||
|
14
root/etc/aliases.j2
Normal file
14
root/etc/aliases.j2
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
# /etc/aliases
|
||||||
|
mailer-daemon: postmaster
|
||||||
|
postmaster: root
|
||||||
|
nobody: root
|
||||||
|
hostmaster: root
|
||||||
|
usenet: root
|
||||||
|
news: root
|
||||||
|
webmaster: root
|
||||||
|
www: root
|
||||||
|
ftp: root
|
||||||
|
abuse: root
|
||||||
|
noc: root
|
||||||
|
security: root
|
||||||
|
root: root.yggdrasil@{{ domain }}
|
1
root/etc/mailname.j2
Normal file
1
root/etc/mailname.j2
Normal file
@ -0,0 +1 @@
|
|||||||
|
{{ domain }}
|
3
root/etc/mailutils.conf.j2
Normal file
3
root/etc/mailutils.conf.j2
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
address {
|
||||||
|
email-domain {{ domain }};
|
||||||
|
};
|
@ -4,9 +4,9 @@
|
|||||||
# Debian specific: Specifying a file name will cause the first
|
# Debian specific: Specifying a file name will cause the first
|
||||||
# line of that file to be used as the name. The Debian default
|
# line of that file to be used as the name. The Debian default
|
||||||
# is /etc/mailname.
|
# is /etc/mailname.
|
||||||
#myorigin = /etc/mailname
|
myorigin = /etc/mailname
|
||||||
|
|
||||||
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
|
smtpd_banner = $myhostname ESMTP
|
||||||
biff = no
|
biff = no
|
||||||
|
|
||||||
# appending .domain is the MUA's job.
|
# appending .domain is the MUA's job.
|
||||||
@ -29,18 +29,24 @@ smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
|
|||||||
smtpd_tls_security_level=may
|
smtpd_tls_security_level=may
|
||||||
|
|
||||||
smtp_tls_CApath=/etc/ssl/certs
|
smtp_tls_CApath=/etc/ssl/certs
|
||||||
smtp_tls_security_level=may
|
smtp_tls_security_level=encrypt
|
||||||
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
|
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
|
||||||
|
smtp_tls_wrappermode = yes
|
||||||
|
|
||||||
|
|
||||||
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
|
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
|
||||||
myhostname = yggdrasil
|
myhostname = {{ hostname }}.{{ domain }}
|
||||||
alias_maps = hash:/etc/aliases
|
alias_maps = hash:/etc/aliases
|
||||||
alias_database = hash:/etc/aliases
|
alias_database = hash:/etc/aliases
|
||||||
mydestination = $myhostname, yggdrasil, localhost.localdomain, , localhost
|
mydestination = $myhostname, {{ hostname }}, localhost
|
||||||
relayhost =
|
relayhost = [{{ postfix_smtp_server }}]:{{ postfix_smtp_port }}
|
||||||
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
|
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
|
||||||
mailbox_size_limit = 0
|
mailbox_size_limit = 0
|
||||||
recipient_delimiter = +
|
recipient_delimiter = +
|
||||||
inet_interfaces = all
|
inet_interfaces = loopback-only
|
||||||
inet_protocols = all
|
inet_protocols = all
|
||||||
|
|
||||||
|
# SASL parameters
|
||||||
|
smtp_sasl_auth_enable = yes
|
||||||
|
smtp_sasl_security_options = noanonymous
|
||||||
|
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
|
||||||
|
1
root/etc/postfix/sasl_passwd.j2
Normal file
1
root/etc/postfix/sasl_passwd.j2
Normal file
@ -0,0 +1 @@
|
|||||||
|
[{{ postfix_smtp_server }}]:{{ postfix_smtp_port }} {{ postfix_smtp_user }}:{{ postfix_smtp_pass }}
|
@ -1,3 +1,13 @@
|
|||||||
# Ansible variables
|
# Ansible variables
|
||||||
ansible_port:
|
ansible_port:
|
||||||
ansible_become_password:
|
ansible_become_password:
|
||||||
|
|
||||||
|
# Machine variables
|
||||||
|
hostname:
|
||||||
|
domain:
|
||||||
|
|
||||||
|
# Postfix variables
|
||||||
|
postfix_smtp_server:
|
||||||
|
postfix_smtp_port:
|
||||||
|
postfix_smtp_user:
|
||||||
|
postfix_smtp_pass:
|
||||||
|
Loading…
Reference in New Issue
Block a user