- name: configure Postfix (domain)
  debconf:
      name: 'postfix'
      question: 'postfix/domainpostfix/main_mailer_type'
      vtype: 'string'
      value: 'Internet Site'
- name: configure Postfix (organization)
  debconf:
      name: 'postfix'
      question: 'postfix/mailname'
      vtype: 'string'
      value: 'lilik.it'

- include_role:
    name: service
  vars:
    service_name: postfix
    service_packages:
      - postfix
      - postfix-ldap
      # TODO: log, add a centralized log server
      - rsyslog

- name: configure ldap-aliases for postfix
  template:
     src: ldap-aliases.cf.j2
     dest: "/etc/postfix/ldap-aliases.cf"
  notify: restart postfix

- name: provide postfix aliases from ldap-aliases
  lineinfile:
    dest: /etc/postfix/main.cf
    line: "virtual_alias_maps = proxy:ldap:/etc/postfix/ldap-aliases.cf"
  notify: restart postfix

- name: configure ldap-domains for postfix
  template:
     src: ldap-domains.cf.j2
     dest: "/etc/postfix/ldap-domains.cf"
  notify: restart postfix

- name: provide postfix mailbox domains from ldap-domains
  lineinfile:
    dest: /etc/postfix/main.cf
    line: "virtual_mailbox_domains = proxy:ldap:/etc/postfix/ldap-domains.cf"
  notify: restart postfix


- name: configure ldap-accounts for postfix
  template:
     src: ldap-accounts.cf.j2
     dest: "/etc/postfix/ldap-accounts.cf"
  notify: restart postfix

- name: provide postfix users from ldap-accounts
  lineinfile:
    dest: /etc/postfix/main.cf
    line: "virtual_mailbox_maps = proxy:ldap:/etc/postfix/ldap-accounts.cf"
  notify: restart postfix

- lineinfile:
    dest: /etc/postfix/main.cf
    line: "mydestination = mail.lilik.it, localhost"
    regexp: 'mydestination ='
    state: present
  notify: restart postfix

- name: edit postfix mynetworks
  lineinfile:
    dest: /etc/postfix/main.cf
    line: "mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 10.0.0.0/16"
    regexp: 'mynetworks ='
    state: present
  notify: restart postfix

- name: enable tls for outgoing mail
  lineinfile:
    dest: /etc/postfix/main.cf
    line: "smtp_tls_security_level = encrypt"
    regexp: 'smtp_tls_security_level ='
    state: present
  notify: restart postfix

- name: create transport map
  lineinfile:
    dest: /etc/postfix/transport
    line: "lists.lilik.it      :[{{ lists_server }}]"
    regexp: "lists.lilik.it"
    create: yes
  register: postfix_transport_result
  notify: restart postfix

- name: ensure transport map is compiled
  shell: postmap /etc/postfix/transport
  notify: reload postfix
  when: postfix_transport_result | changed

- name: enable transport map
  lineinfile:
    dest: /etc/postfix/main.cf
    line: "transport_maps = hash:/etc/postfix/transport"
    regexp: 'transport_maps ='
    state: present
  notify: restart postfix

- name: add lists.lilik.it relay
  lineinfile:
    dest: /etc/postfix/main.cf
    line: "relay_domains = lists.lilik.it"
    regexp: 'relay_domains ='
    state: present
  notify: restart postfix

- name: install antivirus and anti spam services
  include: antispam.yaml

- name: install opendkim service
  include: dkim.yaml

- name: add milters for smtp to postfix
  lineinfile:
    dest: '/etc/postfix/main.cf'
    line: 'smtpd_milters={{ postfix_milters|join(",") }}'
    regexp: '^smtpd_milters='
  notify: restart postfix

- name: add milters for non smtp to postfix
  lineinfile:
    dest: '/etc/postfix/main.cf'
    line: 'non_smtpd_milters={{ postfix_milters|join(",") }}'
    regexp: '^non_smtpd_milters='
  notify: restart postfix