ansible-roles/postfix/tasks/packmail.yml

139 lines
2.8 KiB
YAML

---
- name: ensure packages are installed
apt:
name:
- postfix
- postfix-ldap
- postfix-policyd-spf-python
- mailgraph
state: present
tags:
- postfix
- name: make /var/lib/mailgraph accessible by www-data
file:
path: "/var/lib/mailgraph"
state: directory
owner: www-data
group: www-data
mode: '0755'
- name: make sure a service Mailgraph is running
systemd:
name: mailgraph.service
state: started
enabled: true
- name: create packmail main.cf
template:
src: packmail_main.cf.j2
dest: /etc/postfix/main.cf
owner: root
group: root
mode: "0644"
force: yes
notify: restart postfix
when: (postfix_force_main_cf | bool) or (postfix_maincf_md5_jessie in default_main_cf.stdout) or (postfix_maincf_md5_stretch in default_main_cf.stdout)
tags:
- postfix
- name: deploy packmail master.cf
template:
src: packmail_master.cf.j2
dest: /etc/postfix/master.cf
mode: "0644"
notify: restart postfix
tags:
- postfix
- name: copy default filter files
copy:
src: filter
dest: "/etc/postfix/{{ item }}"
force: no
loop:
- virtual
- client.access
- client.access_local
- header_kill
- header_kill_local
- recipient.access
- recipient.access_local
- sa-blacklist.access
- sender.access
- sender.access_local
- spamd.cidr
register: postfix_copy_filter
tags:
- postfix
- name: postmap filter files
command: "postmap /etc/postfix/{{ item }}"
loop:
- virtual
- client.access
- client.access_local
- header_kill
- header_kill_local
- recipient.access
- recipient.access_local
- sa-blacklist.access
- sender.access
- sender.access_local
- spamd.cidr
when: postfix_copy_filter is changed
tags:
- postfix
- name: deploy ldap postfix config
template:
src: "{{ item }}.j2"
dest: "/etc/postfix/{{ item }}"
mode: "0644"
loop:
- virtual_aliases.cf
- virtual_domains.cf
- virtual_mailboxes.cf
notify: restart postfix
tags:
- postfix
- include_role:
name: evolix/remount-usr
tags:
- postfix
- name: copy spam.sh script
copy:
src: spam.sh
dest: /usr/share/scripts/spam.sh
mode: "0700"
tags:
- postfix
- name: Check if cron is installed
shell: "set -o pipefail && dpkg -l cron 2>/dev/null | grep -q -E '^(i|h)i'"
args:
executable: /bin/bash
check_mode: no
failed_when: False
changed_when: False
register: is_cron_installed
- name: enable spam.sh cron
lineinfile:
dest: /etc/cron.d/spam
line: "42 * * * * root /usr/share/scripts/spam.sh"
create: yes
state: present
mode: "0640"
when: is_cron_installed.rc == 0
tags:
- postfix
- name: update antispam list
command: /usr/share/scripts/spam.sh
changed_when: False
tags:
- postfix