7c632352a0
The behaviour of the `include` module is badly defined (it try to choose between statically importing the tasks and dynamically including them) and can cause problems depending on any number of constraints (mostly if it choose the wrong behaviour). Replace it with the `import_tasks` (always statically import tasks) unless the `include` is in a loop in which case we replace it with `include_tasks` (always dynamically include tasks).
106 lines
2.4 KiB
YAML
106 lines
2.4 KiB
YAML
- name: ensure packages are installed
|
|
apt:
|
|
name:
|
|
- dovecot-ldap
|
|
- dovecot-imapd
|
|
- dovecot-pop3d
|
|
- dovecot-sieve
|
|
- dovecot-managesieved
|
|
state: present
|
|
tags:
|
|
- dovecot
|
|
|
|
- name: Generate 4096 bits Diffie-Hellman parameters (may take several minutes)
|
|
openssl_dhparam:
|
|
path: /etc/ssl/dhparams.pem
|
|
size: 4096
|
|
|
|
- name: disable pam auth
|
|
replace:
|
|
dest: /etc/dovecot/conf.d/10-auth.conf
|
|
regexp: "[^#]!include auth-system.conf.ext"
|
|
replace: "#!include auth-system.conf.ext"
|
|
tags:
|
|
- dovecot
|
|
|
|
- name: update ldap auth
|
|
lineinfile:
|
|
dest: /etc/dovecot/dovecot-ldap.conf.ext
|
|
line: "{{ item.key }} = {{ item.value }}"
|
|
regexp: "^#*{{ item.key }}"
|
|
state: present
|
|
loop:
|
|
- { key: 'hosts', value: '127.0.0.1' }
|
|
- { key: 'auth_bind', value: 'yes' }
|
|
- { key: 'ldap_version', value: 3 }
|
|
- { key: 'base', value: "{{ ldap_suffix }}" }
|
|
- { key: 'user_attrs', value: 'homeDirectory=home' }
|
|
- { key: 'user_filter', value: '(&(isActive=TRUE)(uid=%u))' }
|
|
- { key: 'pass_attrs', value: 'uid=user,userPassword=password' }
|
|
when: ldap_suffix is defined
|
|
notify: reload dovecot
|
|
tags:
|
|
- dovecot
|
|
|
|
- name: create vmail group
|
|
group:
|
|
name: vmail
|
|
gid: "{{ dovecot_vmail_gid }}"
|
|
system: True
|
|
tags:
|
|
- dovecot
|
|
|
|
- name: create vmail user
|
|
user:
|
|
name: vmail
|
|
group: vmail
|
|
uid: "{{ dovecot_vmail_uid }}"
|
|
shell: /bin/false
|
|
system: True
|
|
tags:
|
|
- dovecot
|
|
|
|
- name: deploy evolix config
|
|
template:
|
|
src: z-evolinux-defaults.conf.j2
|
|
dest: /etc/dovecot/conf.d/z-evolinux-defaults.conf
|
|
mode: "0644"
|
|
notify: reload dovecot
|
|
tags:
|
|
- dovecot
|
|
|
|
- name: deploy file for custom configuration
|
|
template:
|
|
src: zzz-evolinux-custom.conf.j2
|
|
dest: /etc/dovecot/conf.d/zzz-evolinux-custom.conf
|
|
mode: "0644"
|
|
notify: reload dovecot
|
|
tags:
|
|
- dovecot
|
|
|
|
- import_tasks: munin.yml
|
|
tags:
|
|
- dovecot
|
|
|
|
- name: log2mail is installed
|
|
apt:
|
|
name: log2mail
|
|
state: present
|
|
tags: dovecot
|
|
|
|
- name: dovecot is configured in log2mail
|
|
blockinfile:
|
|
path: /etc/log2mail/config/mail.conf
|
|
create: true
|
|
owner: log2mail
|
|
group: adm
|
|
mode: "0640"
|
|
block: |
|
|
file = /var/log/mail.log
|
|
pattern = "Out of memory"
|
|
mailto = {{ log2mail_alert_email or general_alert_email | mandatory }}
|
|
template = /etc/log2mail/mail
|
|
notify: restart log2mail
|
|
tags: dovecot
|
|
|