add slow_transport configuration for Postfix role

and disable Postfix customization in evolinux-base role
This commit is contained in:
Gregory Colpart 2017-01-02 00:32:29 +01:00
parent 786f48e7f3
commit 6c5e880938
9 changed files with 61 additions and 113 deletions

View file

@ -23,11 +23,7 @@ Main variables are :
* `evolinux_delete_nfs`: delete NFS tools (default: `True`)
* `evolinux_ntp_server`: custom NTP server host or IP (default: `Null`)
* `evolinux_additional_packages`: optional additional packages to install (default: `[]`)
* `evolinux_postfix_slow_transports_enabled`: configure slow transports (default: `True`) ;
* `evolinux_postfix_remove_exim`: remove Exim4 packages (default: `True`) ;
* `evolinux_postfix_myorigin`: `myorigin` variable for Postfix (default: value of `ansible_fqdn`) ;
* `evolinux_postfix_myhostname`: `myhostname` variable for Postfix (default: value of `ansible_fqdn`) ;
* `evolinux_postfix_mydestination`: `mydestination` variable for Postfix (default: `$myhostname`) ;
* `evolinux_postfix_purge_exim`: purge Exim packages (default: `True`) ;
* `evolinux_ssh_password_auth_addresses`: list of addresses that can authenticate with a password (default: `[]`)
* `evolinux_ssh_disable_root`: disable SSH access for root (default: `True`)

View file

@ -21,11 +21,7 @@ evolinux_apt_remove_aptitude: True
# postfix
evolinux_postfix_myorigin: "{{ ansible_fqdn }}"
evolinux_postfix_myhostname: "{{ ansible_fqdn }}"
evolinux_postfix_mydestination: "$myhostname"
evolinux_postfix_slow_transports_enabled: True
evolinux_postfix_remove_exim: True
evolinux_postfix_purge_exim: True
# kernel

View file

@ -53,15 +53,3 @@
command: newaliases
changed_when: False
- name: restart postfix
service:
name: postfix
state: restarted
- name: reload postfix
service:
name: postfix
state: reloaded
- name: postmap transport
command: postmap /etc/postfix/transport

View file

@ -11,20 +11,6 @@
- packages
- postfix
- name: main.cf is configured
lineinfile:
dest: /etc/postfix/main.cf
regexp: "^#? *{{ item.key }} *="
line: "{{ item.key }} = {{ item.value }}"
with_items:
- { key: "myorigin", value: "{{ evolinux_postfix_myorigin }}" }
- { key: "myhostname", value: "{{ evolinux_postfix_myhostname }}" }
- { key: "mydestination", value: "{{ evolinux_postfix_mydestination }}" }
- { key: "disable_vrfy_command", value: "yes" }
notify: reload postfix
tags:
- postfix
- name: fetch users list
shell: getent passwd | cut -d":" -f 1 | grep -v root
register: non_root_users_list
@ -64,6 +50,8 @@
tags:
- postfix
- meta: flush_handlers
- name: exim4 is absent
apt:
name: "{{ item }}"
@ -74,14 +62,8 @@
- exim4-base
- exim4-config
- exim4-daemon-light
when: evolinux_postfix_remove_exim
when: evolinux_postfix_purge_exim
tags:
- packages
- postfix
- include: postfix_slow_transports.yml
when: evolinux_postfix_slow_transports_enabled
tags:
- postfix
- meta: flush_handlers

View file

@ -1,69 +0,0 @@
---
- name: slow transport is defined in master.cf
lineinfile:
dest: /etc/postfix/master.cf
regexp: "^slow "
line: "slow unix - - n - - smtp"
notify: reload postfix
tags:
- postfix
- name: list of providers for slow transport
lineinfile:
dest: /etc/postfix/transport
line: "{{ item }}"
create: yes
with_items:
- "orange.fr slow:"
- "wanadoo.fr slow:"
- "voila.fr slow:"
- "laposte slow:"
- "yahoo.fr slow:"
- "yahoo.com slow:"
- "hotmail.fr slow:"
- "hotmail.com slow:"
notify:
- postmap transport
- reload postfix
tags:
- postfix
# - name: main.cf is configured for slow transports
# lineinfile:
# dest: /etc/postfix/main.cf
# regexp: "^{{ item.key }} ="
# line: "{{ item.key }} = {{ item.value }}"
# with_items:
# - { key: "minimal_backoff_time", value: "2h" }
# - { key: "maximal_backoff_time", value: "6h" }
# - { key: "maximal_queue_lifetime", value: "4d" }
# - { key: "queue_run_delay", value: "100s" }
# - { key: "bounce_queue_lifetime", value: "1d" }
# - { key: "initial_destination_concurrency", value: "5" }
# - { key: "default_destination_concurrency_limit", value: "20" }
# - { key: "slow_destination_rate_delay", value: "0" }
# - { key: "slow_destination_concurrency_limit", value: "1" }
# - { key: "slow_destination_concurrency_failed_cohort_limit", value: "100" }
# - { key: "slow_destination_recipient_limit", value: "25" }
# - { key: "transport_maps", value: "hash:$config_directory/transport" }
# notify: reload postfix
- name: main.cf is configured for slow transports
blockinfile:
dest: /etc/postfix/main.cf
marker: "# {mark} Slow transports configuration (managed by Ansible)"
block: |
minimal_backoff_time = 2h
maximal_backoff_time = 6h
maximal_queue_lifetime = 4d
queue_run_delay = 100s
bounce_queue_lifetime = 1d
initial_destination_concurrency = 5
default_destination_concurrency_limit = 20
slow_destination_rate_delay = 0
slow_destination_concurrency_limit = 1
slow_destination_concurrency_failed_cohort_limit = 100
slow_destination_recipient_limit = 25
transport_maps = hash:$config_directory/transport
notify: reload postfix

View file

@ -4,7 +4,9 @@ Install Postfix
## Tasks
Minimal configuration is in `tasks/main.yml`.
Minimal configuration is in `tasks/main.yml` and optional customization in :
* `slow_transport.yml` : slow transport to specific destination.
## Available variables

View file

@ -4,3 +4,10 @@
name: postfix
state: restarted
- name: reload postfix
service:
name: postfix
state: reloaded
- name: postmap transport
command: postmap /etc/postfix/transport

View file

@ -26,3 +26,5 @@
- meta: flush_handlers
- include: slow_transport.yml
when: postfix_slow_transport

View file

@ -0,0 +1,44 @@
---
- name: slow transport is defined in master.cf
lineinfile:
dest: /etc/postfix/master.cf
regexp: "^slow "
line: "slow unix - - n - - smtp"
- name: list of providers for slow transport
lineinfile:
dest: /etc/postfix/transport
line: "{{ item }}"
create: yes
with_items:
- "orange.fr slow:"
- "wanadoo.fr slow:"
- "voila.fr slow:"
- "laposte slow:"
- "yahoo.fr slow:"
- "yahoo.com slow:"
- "hotmail.fr slow:"
- "hotmail.com slow:"
notify: postmap transport
- name: main.cf is configured for slow transports
blockinfile:
dest: /etc/postfix/main.cf
marker: "# {mark} Slow transports configuration (installed by Ansible)"
block: |
minimal_backoff_time = 2h
maximal_backoff_time = 6h
maximal_queue_lifetime = 4d
queue_run_delay = 100s
bounce_queue_lifetime = 1d
initial_destination_concurrency = 5
default_destination_concurrency_limit = 20
slow_destination_rate_delay = 0
slow_destination_concurrency_limit = 1
slow_destination_concurrency_failed_cohort_limit = 100
slow_destination_recipient_limit = 25
transport_maps = hash:$config_directory/transport
notify: restart postfix
- meta: flush_handlers