diff options
author | bnewbold <bnewbold@robocracy.org> | 2022-06-22 18:41:36 -0700 |
---|---|---|
committer | bnewbold <bnewbold@robocracy.org> | 2022-06-22 18:41:36 -0700 |
commit | db539aade1b9daa4ba1b0347ed4cb0e39b0a2af4 (patch) | |
tree | 9584818df99934ffff6fe28ab236c929036e8c89 /roles/mailserver/tasks | |
parent | 810d4269058feb550083f6032ffa63af185f9a8d (diff) | |
parent | f6d3dac3b7b125f825c4a67d8f5dfeb22cd5dcc2 (diff) | |
download | infra-db539aade1b9daa4ba1b0347ed4cb0e39b0a2af4.tar.gz infra-db539aade1b9daa4ba1b0347ed4cb0e39b0a2af4.zip |
Merge branch 'master' of adze:infra
Diffstat (limited to 'roles/mailserver/tasks')
-rw-r--r-- | roles/mailserver/tasks/dovecot.yml | 39 | ||||
-rw-r--r-- | roles/mailserver/tasks/main.yml | 6 | ||||
-rw-r--r-- | roles/mailserver/tasks/postfix.yml | 18 | ||||
-rw-r--r-- | roles/mailserver/tasks/rspamd.yml | 52 |
4 files changed, 115 insertions, 0 deletions
diff --git a/roles/mailserver/tasks/dovecot.yml b/roles/mailserver/tasks/dovecot.yml new file mode 100644 index 0000000..9d2c20e --- /dev/null +++ b/roles/mailserver/tasks/dovecot.yml @@ -0,0 +1,39 @@ +- name: Install Dovecot and related packages + apt: pkg={{ item }} update_cache=yes state=installed + with_items: + - dovecot-core + - dovecot-imapd + - dovecot-lmtpd + - dovecot-antispam + tags: + - dependencies + +#- name: Copy dovecot.conf into place +# copy: src=etc_dovecot_dovecot.conf dest=/etc/dovecot/dovecot.conf + +#- name: Create before.d sieve scripts directory +# file: path=/etc/dovecot/sieve/before.d state=directory owner=vmail group=dovecot recurse=yes mode=0770 +# notify: restart dovecot + +#- name: Configure sieve script moving spam into Junk folder +# copy: src=etc_dovecot_sieve_before.d_no-spam.sieve dest=/etc/dovecot/sieve/before.d/no-spam.sieve owner=vmail group=dovecot +# notify: restart dovecot + +#- name: Copy additional Dovecot configuration files in place +# copy: src=etc_dovecot_conf.d_{{ item }} dest=/etc/dovecot/conf.d/{{ item }} +# with_items: +# - 10-auth.conf +# - 10-mail.conf +# - 10-master.conf +# - 90-antispam.conf +# - 90-plugin.conf +# - 90-sieve.conf +# notify: restart dovecot + +#- name: Update post-certificate-renewal task +# copy: +# content: "#!/bin/bash\n\n/etc/init.d/dovecot restart\n" +# dest: /etc/letsencrypt/postrenew/dovecot.sh +# mode: 0755 +# owner: root +# group: root diff --git a/roles/mailserver/tasks/main.yml b/roles/mailserver/tasks/main.yml new file mode 100644 index 0000000..7691288 --- /dev/null +++ b/roles/mailserver/tasks/main.yml @@ -0,0 +1,6 @@ +- include: postfix.yml + tags: postfix +- include: dovecot.yml + tags: dovecot +- include: rspamd.yml + tags: rspamd diff --git a/roles/mailserver/tasks/postfix.yml b/roles/mailserver/tasks/postfix.yml new file mode 100644 index 0000000..a36acd6 --- /dev/null +++ b/roles/mailserver/tasks/postfix.yml @@ -0,0 +1,18 @@ +- name: Install Postfix and related packages + apt: pkg={{ item }} state=installed + with_items: + - libsasl2-modules + - postfix + - postfix-pcre + - sasl2-bin + tags: + - dependencies + +#- name: Copy main.cf +# template: src=etc_postfix_main.cf.j2 dest=/etc/postfix/main.cf owner=root group=root +# notify: restart postfix + +#- name: Copy master.cf +# copy: src=etc_postfix_master.cf dest=/etc/postfix/master.cf owner=root group=root +# notify: restart postfix + diff --git a/roles/mailserver/tasks/rspamd.yml b/roles/mailserver/tasks/rspamd.yml new file mode 100644 index 0000000..4d870a8 --- /dev/null +++ b/roles/mailserver/tasks/rspamd.yml @@ -0,0 +1,52 @@ +--- +# Installs and configures the Rspamd spam filtering system. + +- name: Ensure repository key for Rspamd is in place + apt_key: url=https://rspamd.com/apt-stable/gpg.key state=present + when: ansible_architecture != "armv7l" + tags: + - dependencies + +- name: Ensure yunohost repository key for Rspamd is in place for ARM + apt_key: url=http://repo.yunohost.org/debian/yunohost.asc state=present + when: ansible_architecture == "armv7l" + tags: + - dependencies + +- name: Add Rspamd repository + apt_repository: repo="deb https://rspamd.com/apt-stable/ {{ ansible_distribution_release }} main" + when: ansible_architecture != "armv7l" + tags: + - dependencies + +- name: Add yunohost Rspamd repository for ARM + apt_repository: repo="deb http://repo.yunohost.org/debian {{ ansible_distribution_release }} stable" + when: ansible_architecture == "armv7l" + tags: + - dependencies + +- name: Install Rspamd and Redis + apt: pkg={{ item }} state=installed update_cache=yes + with_items: + - rspamd + tags: + - dependencies + +#- name: Copy DMARC configuration into place +# template: src=etc_rspamd_local.d_dmarc.conf.j2 dest=/etc/rspamd/local.d/dmarc.conf owner=root group=root mode="0644" +# notify: restart rspamd + +#- name: Copy DKIM configuration into place +# copy: src=etc_rspamd_override.d_dkim_signing.conf dest=/etc/rspamd/override.d/dkim_signing.conf owner=root group=root mode="0644" +# notify: restart rspamd + +#- name: Create dkim key directory +# file: path=/var/lib/rspamd/dkim state=directory owner=_rspamd group=_rspamd + +#- name: Generate DKIM keys +# shell: rspamadm dkim_keygen -s default -d {{ item.name }} -k {{ item.name }}.default.key > {{ item.name }}.default.txt +# args: +# creates: /var/lib/rspamd/dkim/{{ item.name }}.default.key +# chdir: /var/lib/rspamd/dkim/ +# with_items: "{{ mail_virtual_domains }}" + |